Security Update (Updated 28/3/2022 15.50)
The Integrity360 Cyber Threat Response team are currently tracking a new Zero-day vulnerability, CVE-2022-1096, found within Google's web browser Chrome. Google published an advisory on Friday 25th March, noting they are aware of the exploit and it exists in the wild. Currently, the details regarding the exploit have not been revealed by Google, however we are aware the exploit involves the leveraging of a weakness in the Chrome V8 JavaScript engine, which allows attackers to execute arbitrary code.
To combat the exploit Google has released a hotfix version 99.0.4844.84 which should be updated as soon as possible. This can be completed by navigating to Chrome Menu > Help > About Google Chrome.
Integrity360 will continue to monitor this exploit and will update as soon as new details become available.
If you are concerned about your cyber security posture as this situation unfolds please reach out to our team and we can put you in touch with our Incident Response and Cyber Threat Intelligence teams to discuss additional protections that you may find beneficial.
