In a recent alert issued by the Computer Emergency Response Team in India (CERT-In), a high-risk warning has been raised for users of the popular web browser, Google Chrome. The official government advisory highlights critical vulnerabilities present in certain versions of the browser that could potentially allow hackers to take control of your computer or crash it.
CERT-In, the government-approved organisation that deals with cybersecurity threats, has classified the reported vulnerabilities as high-risk. These vulnerabilities include a heap buffer overflow in WebP, inappropriate implementation in various components such as Custom Tabs, Prompts, Input, Intents, Picture in Picture, and Interstitials, as well as insufficient policy enforcement in Downloads and Autofill.
CERT-In notes that these vulnerabilities in Google Chrome could potentially be exploited by malicious actors to gain unauthorized access to the victim’s system. “Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, bypass security restrictions or cause a denial-of-service condition on the targeted system,” reads the latest vulnerability note.
What has made the situation more concerning is the fact that one of the vulnerabilities, identified as CVE-2023-4863, is already being exploited in the wild. This means that cybercriminals are actively taking advantage of this security flaw. Therefore, it is crucial for Google Chrome users to take immediate action to protect their systems.
Affected Chrome Software
- Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)
- Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.187 (for Windows)
- Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)
- Google Chrome for Desktop versions prior to 117.0.5938.62/.63 (for Windows)
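The version list above can be turned into an inventory check. The following is an added example, not part of the CERT-In note or any Google tooling; the function names and inventory rows are constructed, and the Windows stable floor is assumed to be the lower of the two builds listed (.62).

```python
# Added example: flag Chrome builds that fall under the affected-version list.
# First fixed build per (channel, platform), taken from the list above.
FIXED = {
    ("extended", "mac"): "116.0.5845.188",
    ("extended", "linux"): "116.0.5845.188",
    ("extended", "windows"): "116.0.5845.187",
    ("stable", "mac"): "117.0.5938.62",
    ("stable", "linux"): "117.0.5938.62",
    # The list gives "117.0.5938.62/.63" for Windows; assumption: use the lower.
    ("stable", "windows"): "117.0.5938.62",
}

def parse_version(text):
    """Turn '117.0.5938.62' into (117, 0, 5938, 62); reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part Chrome version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(version, channel, platform):
    """True when the build is older than the first fixed build for its channel."""
    key = (channel.lower(), platform.lower())
    if key not in FIXED:
        raise KeyError(f"no threshold listed for {key}")
    # Compare as integer tuples: as strings, ".99" would sort after ".188".
    return parse_version(version) < parse_version(FIXED[key])

def audit(rows):
    """Return (host, verdict) pairs; unparseable rows are surfaced, not skipped."""
    results = []
    for host, version, channel, platform in rows:
        try:
            verdict = "AFFECTED" if is_affected(version, channel, platform) else "ok"
        except (ValueError, KeyError) as exc:
            verdict = f"UNKNOWN ({exc})"
        results.append((host, verdict))
    return results

# Constructed inventory: host, version, channel, platform.
SAMPLE = [
    ("ws-01", "117.0.5938.62", "stable", "windows"),
    ("ws-02", "116.0.5845.187", "stable", "windows"),    # below the stable floor
    ("ws-03", "116.0.5845.187", "extended", "windows"),  # patched on Extended Stable
    ("mac-01", "116.0.5845.187", "extended", "mac"),     # Mac floor is .188
    ("lnx-01", "117.0.5938", "stable", "linux"),         # malformed version
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE):
        print(f"{host}: {verdict}")
```

The same build number can be patched on one channel or platform and affected on another, so the channel and platform must be recorded alongside the version.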
How hackers can exploit the risk
To exploit these vulnerabilities, a hacker could trick a user into visiting a malicious website. This is a common tactic in many cyberattacks, where attackers lure users into clicking on malicious links or visiting compromised websites. As soon as a user visits the malicious website, the attacker can execute malicious code, potentially taking control of the user’s system, bypassing security measures, or causing a denial-of-service condition.
Protection measures
CERT-In emphasizes that Google has already released an update containing patches for these security issues.
For the affected software, it strongly urges users to update their Chrome browser immediately. Additionally, the cybersecurity organization advises users to keep their browser and other software updated to prevent similar risks in the future.
To update Google Chrome:
- Open your Chrome window.
- Click on the three dots icon in the top right corner of Chrome.
- From the dropdown menu, select “Help.”
- Click on “About Google Chrome.”
- Finally, restart your browser to apply the update.