Multiple Google Chrome flaws that, if exploited, might let attackers steal user data and jeopardise system security have prompted CERT-In to issue a high-severity alert. These vulnerabilities have been marked as high-risk by CERT-In, which is advising users to upgrade their browsers right now.
CERT-In has alerted Google Chrome users to high-severity vulnerabilities.
The vulnerabilities were discovered in versions of Google Chrome for Mac and Windows.
The authorities urge users to upgrade Chrome immediately.
The Indian Computer Emergency Response Team (CERT-In) has just issued a security warning for Google Chrome users. The alert, known as CERT-In Vulnerability Note CIVN-2023-0295, was released on October 11, 2023, and it highlights a number of high-severity vulnerabilities that may be used by hackers to compromise the security and performance of devices running Google Chrome.
The “high” severity vulnerabilities detected in Google Chrome are further described in the security bulletin. These defects include “use after free” bugs in Site Isolation, Blink History, and Cast, as well as faulty implementations in a number of Chrome features, including Fullscreen, Navigation, DevTools, Intents, Downloads, Extensions API, Autofill, Installer, and Input. Additionally, the processing of PDF files contains a heap buffer overflow issue.
By sending specially crafted requests to the target system, remote attackers may take advantage of the vulnerabilities that CERT-In has identified. Exploitation might have a variety of negative effects, including the circumvention of security safeguards, the execution of unauthorised code, the disclosure of private information, and denial-of-service (DoS) conditions on the targeted system. Simply put, this warning emphasises the real possibility that attackers could use these vulnerabilities to seize control of devices, which is a serious issue for consumers.
The list of Google Chrome versions that have ‘High’ vulnerabilities is as follows:
Google Chrome versions for Windows prior to 118.0.5993.70/.71
Versions of Google Chrome for Mac and Linux that are older than 118.0.5993.70
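The following is an added example, not part of the original article or of CERT-In's note: a Python check that compares Chrome version strings (such as the one shown on the About Google Chrome page) against the fixed build 118.0.5993.70 listed above. The hostnames and inventory entries are constructed sample data.

```python
import re

# First fixed build per the version list above (Windows also shipped .71).
FIXED = (118, 0, 5993, 70)

# Chrome versions are four dot-separated integers: MAJOR.MINOR.BUILD.PATCH
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text):
    """Extract the four-part Chrome version from a free-form string.

    Returns a tuple of ints, or None when no well-formed version is present.
    """
    match = _VERSION_RE.search(text)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Return 'affected', 'patched' or 'unknown' for one version string."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # never report an unparseable host as patched
    # Tuple comparison is numeric per component, so 118.0.5993.9 < 118.0.5993.70
    # (a plain string comparison would get this wrong).
    return "affected" if version < FIXED else "patched"


def audit(inventory):
    """Map each host to its status; inventory is {host: version string}."""
    return {host: classify(raw) for host, raw in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "win-desk-01": "Google Chrome 117.0.5938.149",
    "win-desk-02": "Version 118.0.5993.71 (Official Build) (64-bit)",
    "mac-lap-01": "Google Chrome 118.0.5993.70",
    "lin-srv-01": "Google Chrome 118.0.5993.9",
    "lin-srv-02": "chrome: not found",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host:12} {status}")
```

Hosts reported as "unknown" should be checked by hand rather than assumed to be up to date.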
How to safeguard your device
CERT-In urges users to upgrade their systems promptly. Notably, Google has already responded to the notification and deployed patches to close the holes. To upgrade Chrome:
Open Chrome and choose More (three dots) > Help > About Google Chrome. If an update is available, Chrome will begin downloading it immediately.
Click Restart to apply the update when it has finished downloading.
On an Android phone or tablet, go to the Play Store and update the Chrome app.
In the meantime, the Indian government is providing free malware removal tools via CERT-In to help people protect their devices from malware and bots. These tools consist of:
eScan CERT-IN Bot Removal: available in the Google Play Store
M-Kavach 2: Designed by C-DAC Hyderabad
A free bot removal tool is accessible at csk.gov.in.
Through the Cyber Swachhta Kendra site, users may use these free virus detection tools. Users may safeguard their systems and devices with the help of the website’s information and tools.