India’s cybersecurity agency, CERT-In, has issued a high-risk alert for Google Chrome users due to multiple vulnerabilities. Users are urged to update their browsers and follow safety guidelines to protect their systems.
In Short
- The Indian Computer Emergency Response Team (CERT-In) has issued a warning regarding high-risk vulnerabilities that have been found in the popular web browser, Google Chrome.
- If these vulnerabilities are not fixed, it could result in hacking.
- It is highly recommended that users keep their browsers updated and follow safety guidelines for their online activities. This will help ensure a secure and safe online experience.
India experienced a rise of 24% in cyber crimes registered in 2022 compared to the previous year, whereas other types of crime including economic offenses (11%), crimes against senior citizens (9%), crimes against women (4%) too recorded an increase, according to the 2023 report of the National Crime Records Bureau (NCRB).
CERT-In, India’s cybersecurity agency, has issued a high-risk warning for users of the desktop version of Google Chrome. The alert highlights multiple vulnerabilities in Google Chrome that could allow remote social criminals to execute arbitrary code on targeted systems. Henceforth, users are strongly advised to immediately update their browsers to avoid these targeted attacks and stay secure digitally.
According to CERT-In, there are different kinds of vulnerabilities in Google Chrome versions for Windows and Mac that could enable the attacker to take control of a system or crash it, resulting in a denial-of-service. Let’s take a detailed look at the risks and how people can protect their systems from being hacked.
The prominent vulnerabilities in Google Chrome primarily exist due to the following issues, according to CERT-In:
- V8 and WebAssembly Object Corruption: This can result in unexpected behavior or code execution.
- Use-After-Free: This can result in crashes, arbitrary code execution, and data corruption in V8, Downloads, and QUIC.
- Improper Autofill, Extension, Network, and Prompt Implementation: This may result in unexpected behavior or possible data leakage.
- Out-of-Bounds Read in Fonts: It has the potential to corrupt data or launch arbitrary code.
- Inadequate Policy Enforcement in WebUI and Site Isolation: This may result in security lapses.
- Inadequate Data Validation in Downloads and Browser Switchers: This can let malicious data be ignored from security checks.
It is important to note that there are certain vulnerabilities associated with using outdated versions of Google Chrome. These vulnerabilities could lead to remote code execution and denial-of-service attacks. If exploited, these vulnerabilities could allow an attacker to take complete control of your computer, install malware, steal your data, or cause damage to your system. Furthermore, an attacker could also crash your Chrome browser or your entire computer, rendering it unusable.
To ensure your safety, it is recommended that you update your Google Chrome browser to the latest version (124.0.6367.60 or later) as soon as possible. Users of Google Chrome versions earlier than 124.0.6367.60 for Windows and Mac are particularly vulnerable to these highlighted vulnerabilities. Google has already released the necessary fix and update, and you can update your Chrome browser by following these simple steps:
- Open Google Chrome in your system.
- Click on the three vertical dots in the top right corner of the window.
- Click on “Settings”.
- Click on “About Chrome”.
- Chrome will automatically check for updates. If an update is available, download and install the updated version.
It is important to update your browser regularly to ensure your computer is secure. However, it is equally important to be cautious of the websites you visit and the links you click on. Avoid visiting untrusted websites, especially those offering illegal downloads or streaming content. These types of websites are more likely to have malicious code that can exploit vulnerabilities in your browser. Beware of phishing emails and messages that contain links leading to potentially harmful websites. Do not click on any links in emails or messages from unknown senders.
Keeping these tips in mind can help keep your computer safe and secure:
- Turn on a pop-up blocker: These can stop malicious websites from opening new tabs in your browser.
- Frequently clear your browser’s cache and browsing history to help get rid of any potentially dangerous information.
- Keep an eye out for unusual activity: Be alert for any indications of strange activity on your computer, such as sudden pop-ups or crashes.
- Choose secure and strong passwords: Make sure you have strong, one-of-a-kind passwords for all of your accounts and devices.
- Use a security suite: Take into account utilizing a security suite that comes with antivirus and firewall software. By doing this, you may be able to prevent malware and other dangers from harming your computer.
