The Computer Emergency Response Team of the Indian government (CERT-In) has issued a warning to Google Chrome users, alerting them of severe vulnerabilities in the web browser’s specific versions, which can pose serious risks of data breaches, malware infections and phishing attacks.
CERT-In operates under the Ministry of Electronics and Information Technology. They have recently issued a high-security alert for Google Chrome users. The agency has flagged several vulnerabilities within the browser’s specific versions and warned users of potential security threats while asking them to upgrade their browser immediately.
CERT-In has raised a red signal about certain versions of Google Chrome, while warning users that they could encounter different security issues and these could compromise their personal information. These risks could be malware infection, phishing attacks and data breaches. Therefore, users should stay alert and take the required steps to protect their sensitive information.
A Threat to Cyber Security
Google Chrome is a popular web browser. The browser has several versions. Some specific versions are found to have multiple vulnerabilities which could leave users’ safety and heavily compromised. These vulnerabilities could enable cybercriminals to unleash attacks on a user’s computer and take control of it. Chrome has these vulnerabilities in several areas. For example, prompts, WebRTC, Vulkan Video, SwiftShader and Web Payments API. Cybercriminals can also exploit an integer overflow in PDF or a heap buffer overflow in Video.
“Multiple vulnerabilities exist in Google Chrome due to Type Confusion in V8; Heap buffer overflow in Visuals; Out of bounds read and write in WebGL; Out of bounds memory access in ANGLE; Use after free in Blink Task Scheduling, Cast and WebRTC;
Insufficient data validation in Extensions and Inappropriate implementation in Extensions,” read the official note.
An attacker could trick you into visiting a malicious website to exploit these vulnerabilities, which is an area of major concern. Once you visit a malicious website, an attacker could immediately take control of your system and steal sensitive information.
CERT-In has prepared a list of vulnerabilities and these are:
CVE-2023-4068
CVE-2023-4069
CVE-2023-4070
CVE-2023-4071
CVE-2023-4072
CVE-2023-4073
OVE-2023-4074
CVE-2023-4075
CVE-2023-4076
CVE-2023-4077
CVE-2023-4078
CERT-In has also highlighted the vulnerable versions of Google Chrome. These are:
Google Chrome versions prior to 115.0.5790.170 for Linux and Mac
Google Chrome versions prior to 115.0.5790.170/.171 for Windows
Those, who are using these versions, are asked to take immediate actions to prevent cyber-attack on their system.
How to protect your system
CERT-In suggests that users should immediately update Google Chrome to their latest version. Google has released an update to address these vulnerabilities.
Follow a series of steps to update Google Chrome.
- Open Google Chrome.
- Click the three dots on the window’s top right corner.
- Choose Help>About Google Chrome
- If an update is available, Chrome will download and install it automatically.
- Once the installation is done, Chrome will restart.
Follow a few simple steps to check for updates manually.
- Open Google Chrome.
- Click the three dots on the window’s top right corner.
- Choose Help > About Google Chrome
- Click Check for Updates.
However, updating the system is not enough. You should also follow some additional security precautions to safeguard your system from potential online threats.
- You should be careful when visiting websites and clicking on links. If a website is not safe to visit or you are not sure of its safety, avoid visiting it.
- Create and store strong passwords for your online accounts by using a strong password manager.
- Enable 2FA (two-factor authentication) for your all online accounts that offer the feature.
- Abstain from sharing all types of information online, especially on social media.
- Update your OS and software from time to time as the latest versions have more advanced security features.
- Use antivirus and firewall on your system to safeguard your computer from phishing activities and malware.
Stay Safe Always!