• Mobo01



    Viewing 1 replies (of 1 total)
    • in reply to: Zero-Day hole exploited in the wild – Google Chrome #2482244

      The CVE-2022-0609 zero-day issue that was resolved today is defined as a “Use after free in Animation” and was assigned a High severity level. Clément from Google’s Threat Analysis Group uncovered this vulnerability. Data Controlling Language (DCL) is one of these languages, and it is used to edit and retrieve data by creating specialized SQL queries using the grant command. It includes two commands: grant and revokes, which are used to grant and revoke particular rights (as specified by query) to users in a multi-user database.
      Attackers frequently leverage free flaws to execute arbitrary code on machines running unpatched Chrome versions or to circumvent the browser’s security sandbox.

      While Google stated that it has identified attacks leveraging this zero-day vulnerability, it did not provide any more information about these occurrences or technical specifics about the issue. Access to problem details and links may be restricted until the majority of users have received a remedy. In addition to the zero-day vulnerability, this Google Chrome version patched seven additional security flaws, with all but one classed as ‘High’ severity.

      1 user thanked author for this post.
    Viewing 1 replies (of 1 total)