In recent advisories, the Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning for users of Google Chrome across multiple versions on Linux, Windows, and Mac platforms. This alert, detailed in CERT-In’s note CIVN-2024-0085, indicates the discovery of multiple severe vulnerabilities that could potentially allow attackers to execute malicious actions such as stealing sensitive information, installing malware, or even gaining complete control of affected systems.
Understanding the Threats
These vulnerabilities predominantly stem from programming errors in several components of Google Chrome, including but not limited to the V8 JavaScript engine, and elements managing media streams and autofill functionalities. Some of these bugs, described technically as ‘use-after-free’ and ‘out-of-bounds memory access’, can lead to unauthorized code execution or the crashing of the browser if a user visits a maliciously crafted web page.
Immediate Actions for Users
CERT-In’s recommendations stress the importance of updating Google Chrome to the latest version as an immediate protective measure. Users can update their browser by navigating to “Settings > About Chrome” on their Chrome browser. This action prompts any available updates to download and install automatically, which is vital to patch the security holes currently being exploited.
Steps to Update and Secure Your Chrome Browser
To mitigate these threats, users are advised to update their Google Chrome browser to the latest version immediately. This can generally be done automatically but may also be performed manually through the browser’s settings:
- Open Google Chrome.
- Click on the three vertical dots in the top right corner.
- Select “Help” and then “About Google Chrome.”
- The browser will check for updates and display the current version. If an update is available, you can click “Relaunch” to install the latest version.
Additional Safety Measures
Besides updating the browser, users are urged to exercise general cybersecurity hygiene:
- Avoid using public or unsecured Wi-Fi networks.
- Be cautious of phishing attempts and do not click on suspicious links or download files from unknown emails.
- Use Google Chrome’s built-in security features like Safe Browsing to enhance protection against harmful websites.
With cyber threats evolving rapidly, staying informed about potential vulnerabilities and following recommended security practices is crucial for safeguarding personal and sensitive data. The government continues to monitor and issue timely warnings through platforms like CERT-In to alert and protect users from such cyber threats
