We learned earlier this month about a zero-day Chrome exploit that North Korean state-sponsored hackers were able to exploit for nearly a month before a patch was issued in mid-February. In that case, the hackers were able to dupe the unsuspecting with compromised real websites and sites they’d spoofed by securing similar domain names. Now, for the second time in 2022, there is another Chrome zero-day, and Google is releasing yet another patch.
The company explained keeping some information away from the public as a safety measure, stating that full details on how the exploit worked won’t be made public until most users have the fix. Fortunately, this time Google was apparently able to issue a patch before the exploit became widely known. Users should update to Chrome version 99.0.4844.84 as soon as possible.