Urgent Vulnerability Notice: Google Chrome Zero Day Vulnerability Exploited by Attackers


By Michelle Drolet

Founder & CEO


What You Need to Know:

Over the Fourth of July weekend, Google released a patch for a high-severity zero-day Chrome vulnerability. The vulnerability is being exploited in the wild and affects Google Chrome and other Chromium-based browsers. The heap-based buffer overflow vulnerability is found in the WebRTC (Web Real-Time Communication) component.

The vulnerability is being tracked as CVE-2022-2294 and allows attackers to breach users’ privacy. A successful heap overflow exploit can lead to program crashes, bypassing of security solutions, or unfettered code execution. Although the vulnerability has been exploited in the wild, Google has yet to release any information or technical details regarding instances of exploitation. Their advisory stated that “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.”

CVE-2022-2294 is the fourth zero-day that Google has patched in 2022. The other zero-day vulnerabilities include:

  • February 14, 2022 – CVE-2022-0609 – a “use after free in animation” vulnerability.
  • March 25, 2022 – CVE-2022-1096 – a type confusion weakness in the Chrome V8 JavaScript engine.
  • April 14, 2022 – CVE-2022-1364 – another type confusion weakness in the Chrome V8 JavaScript engine.

Chrome version 103.0.5060.114 was issued in Google’s Stable Desktop channel, but Google stated it is a matter of days or weeks before it reaches the entire user base. However, because Google is delaying the release of the technical details surrounding the attacks, Chrome users will have time to patch. Here is a list of other Chromium browsers that you should patch:

  • Microsoft Edge – Please patch when one becomes available.
  • Brave – A patched release is available.
  • Opera – Please patch when one becomes available.
  • Vivaldi – A patched release is available.

Because CVE-2022-2294 has been exploited by attackers in the wild, Avertium strongly urges that you install Google Chrome’s update as soon as possible.


Towerwall’s Recommendations:

  • Please patch your Google Chrome browser as soon as possible to the latest version: 103.0.5060.114 for Windows, macOS, and Linux, and 10.5060.71 for Android.
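The recommendation above and the Chromium browser list before it both come down to one check: is the installed build at or above the fixed Stable Desktop build, 103.0.5060.114? The following script is an added example, not code from Towerwall, Avertium or Google. It parses the dotted version out of a `--version` style string (such as the output of `google-chrome --version`), compares it component-wise against the fixed build, and reports which hosts in a constructed sample inventory still need the update. The hostnames and version strings in `SAMPLE_INVENTORY` are made up for illustration; the only real value is the fixed desktop version from the advisory.

```python
import re
from typing import Iterable, List, Tuple

# Fixed Stable Desktop build named in the advisory for CVE-2022-2294
# (Windows, macOS and Linux). This is the one real value in this example.
FIXED_DESKTOP_VERSION = "103.0.5060.114"

# Matches the first dotted version number (2 to 4 components) in a string.
VERSION_RE = re.compile(r"(\d+(?:\.\d+){1,3})")


def parse_version(text: str) -> Tuple[int, ...]:
    """Extract the first dotted version number from text, e.g. the line
    'Google Chrome 103.0.5060.53', and return it as a tuple of ints."""
    match = VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def compare_versions(a: Tuple[int, ...], b: Tuple[int, ...]) -> int:
    """Three-way compare (-1, 0, 1). Shorter tuples are padded with zeros
    so that 103.0.5060 compares equal to 103.0.5060.0 rather than lower."""
    width = max(len(a), len(b))
    a = a + (0,) * (width - len(a))
    b = b + (0,) * (width - len(b))
    return (a > b) - (a < b)


def is_patched(installed: str, fixed: str = FIXED_DESKTOP_VERSION) -> bool:
    """True when the installed build is at or above the fixed build."""
    return compare_versions(parse_version(installed), parse_version(fixed)) >= 0


def unpatched_hosts(inventory: Iterable[Tuple[str, str]]) -> List[str]:
    """Given (hostname, version string) pairs, return the hosts whose
    Chromium-based browser is still below the fixed build."""
    return [host for host, version in inventory if not is_patched(version)]


# Constructed sample inventory (hypothetical hostnames and builds, not real data).
SAMPLE_INVENTORY = [
    ("ws-01", "Google Chrome 103.0.5060.53"),
    ("ws-02", "Google Chrome 103.0.5060.114"),
    ("ws-03", "Chromium 102.0.5005.115"),
    ("ws-04", "Google Chrome 104.0.5112.20"),
]

if __name__ == "__main__":
    for host in unpatched_hosts(SAMPLE_INVENTORY):
        print(f"{host}: needs update to Chrome {FIXED_DESKTOP_VERSION}")
```

Feeding real data into this is a matter of replacing `SAMPLE_INVENTORY` with whatever your endpoint management tool exports; the comparison logic stays the same, and the zero-padding in `compare_versions` avoids the common mistake of treating a three-component version as older than its four-component equivalent.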

Indicators of Compromise (IoCs):

  • At this time, there are no known IoCs associated with CVE-2022-2294.

Supporting Documentation: