Govt issues high-risk warning for Google Chrome users, asks users to update browser immediately

Mangalore Today News Network

New Delhi, Aug 11, 2023: The Computer Emergency Response Team of the Indian government (CERT-In), an agency operating under the Ministry of Electronics and Information Technology, has recently issued a high-severity warning for users of Google Chrome. CERT-In has flagged multiple vulnerabilities within specific versions of Google Chrome, alerting users to potential security risks.

 

According to the CERT-In warning, Chrome users might encounter various security issues that could potentially compromise their sensitive information. These risks include phishing attacks, data breaches, and malware infections. It is important for users to be cautious and take necessary steps to protect themselves.

What is the high-severity risk

Google Chrome has multiple security vulnerabilities that could allow an attacker to take control of your computer. These vulnerabilities exist in several areas of Chrome, including prompts, Web Payments API, SwiftShader, Vulkan, Video, and WebRTC. An attacker could also exploit a heap buffer overflow in Video or an integer overflow in PDF.

"Multiple vulnerabilities exist in Google Chrome due to Type Confusion in V8; Heap buffer overflow in Visuals; Out of bounds read and write in WebGL; Out of bounds memory access in ANGLE; Use after free in Blink Task Scheduling, Cast and WebRTC;
Insufficient data validation in Extensions and Inappropriate implementation in Extensions,"reads the official note.

The most concerning part is that an attacker could exploit these vulnerabilities by tricking you into visiting a malicious website. If you do visit a malicious website, the attacker could take control of your computer and steal your personal information.

Here is the list of all the vulnerabilities highlighted by CERT-In:

-- CVE-2023-4068
-- CVE-2023-4069
-- CVE-2023-4070
-- CVE-2023-4071
-- CVE-2023-4072
-- CVE-2023-4073
-- OVE-2023-4074
-- CVE-2023-4075
-- CVE-2023-4076
-- CVE-2023-4077
-- CVE-2023-4078

CERT-In has further highlighted the affected versions of Google Chrome containing these vulnerabilities. Users who are using:

- Google Chrome versions prior to 115.0.5790.170 for Linux and Mac
- Google Chrome versions prior to 115.0.5790.170/.171 for Windows

Are asked to take immediate action to safeguard their systems.

How to protect your device

To protect your systems, CERT-In advises users to promptly update Google Chrome to the latest version as soon as possible. Google has already released an update to fix these vulnerabilities.

To update Google Chrome:

   * Open Google Chrome.
   * Click the three dots in the top right corner of the window.
   * Select Help > About Google Chrome.
   * If there is an update available, Chrome will automatically download and install it.
   * Once the update is installed, Chrome will restart.

You can also check for updates manually by following these steps:

   * Open Google Chrome.
   * Click the three dots in the top right corner of the window.
   * Select Help > About Google Chrome.
   * Click Check for updates.

Apart from updating the system, here are some additional security tips you should follow to safeguard your devices from potential online vulnerabilities:

   * You should also be careful about the websites you visit and the links you click on. If you are not sure whether a website is safe, it is best to avoid it.
   * Use a strong password manager to create and store strong passwords for all of your online accounts.
   * Enable two-factor authentication (2FA) for all of your online accounts that offer it.
   * Be careful about what information you share online, especially on social media.
   * Keep your operating system and software up to date with the latest security patches.
   * Use a firewall and antivirus software to protect your computer from malware.

Courtesy: India Today