India’s cybersecurity watchdog on Wednesday issued advisory notes flagging security vulnerabilities in Google’s Chrome browser on the Android mobile operating system.
As per the advisory, the Indian Computer Emergency Response Team (CERT-In) has discovered severe security vulnerabilities in the app and urged users to update to the latest version.
CERT-In — the cybersecurity watchdog under the Union Ministry of Electronics and Technology — has spotted nine vulnerabilities, rated “high” in terms of severity in Google Chrome app versions prior to 101.0.4951.61.
“Multiple vulnerabilities have been reported in Google Chrome which could be exploited by an attacker to execute arbitrary code on the targeted system,” CERT-In said.
In simple terms, a hacker can run malicious code on a user’s smartphone with an outdated version of chrome, and potentially take control without the user’s knowledge.
The fix is simple: users must open Play Store on their Android smartphones and ensure Google Chrome is updated to the latest version — 101.0.4951.61.
CERT-In said the vulnerabilities could be caused by a host of code-level malfunctions, as well as a user unknowingly accepting “Permission Prompts”.
Last week, CERT-In issued advisory notes flagging medium-to-high security vulnerabilities in Microsoft’s desktop browser, Edge, and Google’s Chrome OS, as well as the Chrome web browser. All these applications run on Google’s free, open-source web browser software, Chromium.