In a significant cybersecurity announcement, the Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning to all Google Chrome users in the country. This alert highlights multiple vulnerabilities within the browser that pose a substantial risk to user data and system security.
Key Highlights
- High-Severity Vulnerabilities: CERT-In has identified severe vulnerabilities in Google Chrome that could allow attackers to execute harmful operations, such as stealing data, compromising system integrity, and even causing denial-of-service attacks.
- Affected Versions: The vulnerabilities affect Google Chrome versions prior to 118.0.5993.70/.71 for Windows and 118.0.5993.70 for Mac and Linux.
- Urgent Call to Update: Users are strongly encouraged to update their browsers to the latest version to mitigate these risks. Google has already released updates addressing these vulnerabilities.
The Indian Computer Emergency Response Team (CERT-In) has released a critical security warning for users of Google Chrome, marking a significant concern for the widely used web browser. The alert underscores the discovery of multiple severe vulnerabilities that pose a threat to user security and privacy.
How to Protect Your Device
To safeguard your device from potential exploits, follow these steps:
- Update Google Chrome by navigating to “Help” > “About Google Chrome” through the menu. Chrome will automatically download and prompt for a relaunch to apply the latest updates.
- Android users should update Chrome via the Play Store.
Additionally, the Indian government, through CERT-In, is offering free tools to help users protect their devices from malware. These tools include eScan CERT-IN Bot Removal, M-Kavach 2, and a Free Bot Removal Tool, all accessible through the Cyber Swachhta Kendra portal.
Understanding the Threat
The vulnerabilities identified involve risks such as “use after free” in the Vulkan and Loader components, and “out of bounds memory access” in CSS, V8 JavaScript engine, and Fonts components. These technical flaws can lead to unauthorized code execution, denial of service (DoS), and sensitive information disclosure by remote attackers.
Vulnerable Software Versions
- Google Chrome versions prior to 116.0.5845.110/.111 for Windows.
- Google Chrome versions prior to 116.0.5845.110 for Mac and Linux.
Safety Measures
To protect against these vulnerabilities, CERT-In advises users to update their Google Chrome browsers immediately. Google has released updates (116.0.5845.110/.111 for Windows and 116.0.5845.110 for Mac and Linux) to patch these security issues. In addition, users are encouraged to practice cautious web browsing, especially when visiting suspicious or untrusted websites.
The latest security warning from CERT-In underscores the importance of keeping software up to date to protect against cyber threats. By promptly updating Google Chrome and utilizing available cybersecurity tools, users can significantly reduce their risk of being compromised by attackers exploiting these vulnerabilities.
This alert serves as a reminder of the constant vigilance required in the digital age, where even the most popular and widely used software can become a gateway for cyber threats. The prompt response by Google highlights the importance of regular software updates as a critical component of cybersecurity. Users should heed this warning seriously and take immediate action to update their browsers, reinforcing their defenses against potential cyber attacks.
Add Comment