A ‘high severity’ warning has been issued by the Indian Computer Emergency Response Team (CERT-In), part of the IT ministry. The advisory states that several vulnerabilities have been found in Google Chrome, which can be exploited by a remote attacker to execute arbitrary code on the target PC.
An attacker may gain access to personal data and inject malware into a victim’s computer. This vulnerability has already been fixed by Google in its latest software update for Chrome. It is highly recommended that Chrome users upgrade to the latest version as soon as possible.
According to Google, the Chrome Stable channel for Windows, Mac, and Linux has been updated to 96.0.4664.93. Users can already download the update. Google also announced that ‘The extended stable channel was updated to 96.0.4664.93 for Windows and Mac in the coming days/weeks’. Google acknowledged that the latest Chrome update includes 22 security fixes, many of which were identified by ‘external researchers’.
CERT-In in its advisory said, ‘Multiple vulnerabilities exist in Google chrome due to Type Confusion in V8; Use after free in web apps, UI, window manager, screen capture, file API, auto-fill and developer tools; Incorrect security UI in autofill; Heap buffer overflow in extensions, BFCache and ANGLE; Type Confusion in loader; Insufficient data validation in loader; Integer underflow in ANGLE and Insufficient validation of untrusted input in the new tab page’.
Read more: Israeli firm stores solar energy for use at night by using air and water
As CERT-In warned users, ‘Remote attackers could take advantage of these vulnerabilities by enticing victims to visit a specially crafted website. If exploited successfully, these vulnerabilities could allow an attacker to run arbitrary code on a targeted system’.
Post Your Comments