The Indian Computer Emergency Response Team (CERT-In) has issued a high-level warning to Google Chrome users about a potential security concern. One of the most serious vulnerabilities in the Chrome browser for the desktop has been identified by the cybercrime nodal agency. CERT-In urges Chrome users to upgrade their browsers to the most recent version as soon as possible. Google recognised the flaws and offered a patch in the form of a software update to address them.
It is possible that access to problem details and links will be restricted until the majority of users have been updated with a remedy. According to a Google official statement, “we will keep limitations if the fault remains in a third-party library that other projects similarly rely on but has not yet been resolved.”
The agency stated that Google Chrome versions previous to 101.0.4951.41 were affected by a new fault in the program, which was discovered by the company. The malware is mostly targeted at desktop computer users. Google has recognised the problem and published a list of 30 vulnerabilities in a blog post on Chrome. There are about seven issues that have been classed as ‘High’ dangers.
In addition, the CERT-In team warned that these high-level vulnerabilities may be exploited to allow a remote attacker to execute arbitrary code and, as a result, obtain access to confidential information. According to the researchers, the bug allows hackers to circumvent security constraints and trigger a buffer overflow on the targeted system by exploiting it.
As stated by the agency, “these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharin System API, Ozone, Browser Switcher, Bookmarks, Dev Tools, and File Manager; Inappropriate implementation in We Extensions API, Input, HTML Parser, Web Authentication, and iframe; Heap buffer overflow in WebGPU and Web UI Set Confusion in V8; Out of bounds data access
Update your browser as soon as possible
CERT-In has encouraged all Chrome desktop users to upgrade to version 101.0.4951.41 of the browser, which is now available. According to the agency, any version prior to this one might be vulnerable to assaults, which could result in the loss of sensitive data in the long run. The flaws have been detected in both Windows and Mac operating systems, as well as Linux.
Google has begun pushing out the update for users running Windows, Mac OS X, and Linux. The update should be available to all users within the next few days or weeks.
