Govt warns Google Chrome users of high-level threat, asks to update browser immediately | #cybersecurity | #cyberattack


The Indian Computer Emergency Response Team (CERT-In) has warned Google Chrome users of a high level threat. The cybercrime nodal agency highlighted some major vulnerabilities in the Chrome browser for the desktop. CERT-In wants Chrome users to immediately update the browser to the latest version. Google acknowledged the vulnerabilities and released a fix via a software update.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” Google said in an official statement.

What is the issue?

The agency highlighted that the Google Chrome version prior to 101.0.4951.41 had been impacted by a new flaw in the software. The threat is primarily for desktop users only. Google has acknowledged the flaw and listed 30 vulnerabilities on the Chrome blog post. Around seven flaws have been classified as ‘High’ threats.

CERT-In further explained that these high level vulnerabilities can be exploited and allow a remote attacker to execute arbitrary code and in turn gain access to sensitive information. The flaw is said to allow hackers to be able to bypass security restrictions and cause buffer overflow on the targeted system.

The agency highlighted that “these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharin System API, Ozone, Browser Switcher, Bookmarks, Dev Tools and File Manager; Inappropriate implementation in We Extensions API, Input, HTML Parser, Web Authentication and iframe; Heap buffer overflow in WebGPU and Web UI Set Confusion in V8; Out of bounds memory access in UI Shelf; Insufficient data validation in Blink Editing, Trusted Type Tools; Incorrect security UI in Downloads.”

Update your browser immediately

CERT-In has urged all Chrome desktop users to upgrade the browser to version 101.0.4951.41. The agency said that any version before this could be susceptible to attacks, which may eventually lead to loss of sensitive data. The vulnerabilities have been discovered in Windows, Mac as well as Linux.

Google has started rolling out the update for Windows, Mac and Linux. The update should reach all users over the coming days or weeks.

How to update Chrome to latest version

Once the update is available, the browser should get updated automatically. But if it doesn’t, follow the following steps.

Step 1: Open Chrome browser
Step 2: Go to the right corner and click on three horizontal dots icon
Step 3: In the drop down menu, find the settings option
Step 4: Click on Help and then About Google Chrome option
Step 5: Chrome will now download any pending update.

Once the update is installed, Chrome will shut down and restart again.

Also read: | Google Pixel Watch tipped to feature eSIM connectivity, launch date still unclear

Also read: | Samsung Fab Grab Fest sale begins: Deals on Galaxy S20 FE 5G and more

Also read: | Elon Musk gained 6 million followers after Twitter deal, but almost half of them are fake



Original Source link

Leave a Reply

Your email address will not be published.

one + one =