- Google has issued an emergency security update for Chrome (version 99.0.4844.84)
- The security update addresses just a single issue: an actively exploited zero-day vulnerability identified as CVE-2022-1096
- Google has not released technical details of the vulnerability
- Earlier this year North Korean hackers had exploited a similar vulnerability, targeting crypto users and fintech companies
On Friday, March 25th, 2022, Google issued an emergency security update for its Chrome browser. The update is dubbed 99.0.4844.84 for Windows, Mac, and Linux and will be rolled out in the coming days or weeks.
The Google Chrome update is meant to patch a zero-day vulnerability which the company has identified as CVE-2022-1096 (Type Confusion in V8). It was reported by an anonymous user on the 23rd of this month.
At the time of writing, Google has not released the technical details of the security vulnerability. Such a delay could only mean that the vulnerability is actively being exploited by hackers. The software giant usually does not reveal such crucial details until the update has been implemented by a majority of its over 3.2 billion Chrome users.
Consequently, all Chrome users are advised to update their browsers.
To note is that the update could take some time to reach all global users of Chrome.
CVE-2022-1096 Could Affect Crypto Users
CVE-2022-1096 is the second zero-day vulnerability identified on the Chrome browser this year.
The first zero-day vulnerability of 2022 (CVE-2022-0609) was fixed on Chrome last month. Just like the current vulnerability, Google had offered little information about the high-level security flaw.
Google recently released details of CVE-2022-0609 as being able ‘to trigger remote code execution on the browser, which hackers likely used to load malware onto a computer’.
The company went on to identify two North Korean state-sponsored hacker groups that had begun exploiting the vulnerability in early January.
One of the groups known as Operation AppleJeus, targeted ‘over 85 users in cryptocurrency and fintech industries leveraging the same exploit kit’. The actions of the North Korean hacker group compromised at least two fintech company websites.
Google’s Adam Weidemann of the Threat Analysis Group explained:
On February 10, Threat Analysis Group discovered two distinct North Korean government-backed attacker groups exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups’ activity has been publicly tracked as Operation Dream Job and Operation AppleJeus…
We observed the campaigns targeting U.S. based organizations spanning news media, IT, cryptocurrency and fintech industries. However, other organizations and countries may have been targeted.
Therefore, it is highly probable that the current Google Chrome security vulnerability could, or has already, affected crypto users.