Adam Weidemann

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 98.0.4758.102 **Description** The issue is related to a use-after-free vulnerability in the Animation component of Google Chrome. This vulnerability allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. The vulnerability could lead to the execution of arbitrary code on affected systems and damage to data. At least two distinct groups of North Korean state-sponsored hackers exploited this vulnerability to launch cyberattacks on the fintech, IT, and media industries. **Recommendations** For Google Chrome versions prior to 98.0.4758.102, update to version 98.0.4758.102 or later to resolve the issue. As a temporary workaround, consider restricting access to the Animation component until a patch is applied. Avoid using the vulnerable API Web Animations until the issue is resolved.