Google Chrome users should be cautious as India’s Computer Emergency Response Team (CERT-In) recently issued a warning to Google browser users.
The government agency, in its alert i.e.
CERT-In Vulnerability Note CIVN-2023-0295, mentioned that some critical vulnerabilities can pose a threat to the performance of devices running Google Chrome.
According to CERT-In Security Alert, these vulnerabilities include “Use After Free” weaknesses in Site Quarantine, Streaming, and Flashing History.
Additionally, various glitches with full screen, navigation, downloads, extensions, APIs, and other glitches can be noted.
The report also highlights that buffer overflows can be detected in PDF files.
The government agency has issued an alert warning users that these vulnerabilities can easily be misused by remote attackers through cleverly sent requests to the target system.
These exploits can lead to a range of serious consequences, including unauthorized code execution, sensitive data leakage, denial of service attacks, and other major disruptions.
It should be noted that Chrome versions before 118.
70/71 for Windows and versions before 118.
70 for Mac and Linux are affected by these vulnerabilities.
To protect your device, you should take the following steps: According to CERT-In, you should immediately update systems that use the Chrome browser.
Notably, Google has rolled out updates to address these vulnerabilities.
To update your Google Chrome version, simply navigate to Chrome.
Tap on More>Choose the Help option and then click on ‘About Google Chrome.
‘ Then the browser will start updating in case there is any update available.
After the update is downloaded, tap on relaunch.
Moreover, smartphone users can update their browsers visiting the Google PlayStore.
To recall, CERT-In also issued a similar warning last month, which said that multiple vulnerabilities have been reported in Google Chrome which could allow an attacker to execute arbitrary code, bypass security restrictions, or cause a denial-of-service condition on the targeted system “These vulnerabilities exist in Google Chrome due to heap buffer overflow in vp8 encoding in libvpx; use-after-free error in Passwords and Extensions.
A remote attacker could exploit these vulnerabilities by executing a specially crafted HTML page,” CERT-In said in a release.