The Computer Emergency Response Team of the Indian government (CERT-In), a unit under the Ministry of Electronics and Information Technology, has issued a high-severity warning concerning Google Chrome users. CERT-In has identified several vulnerabilities in specific Chrome versions, flagging potential security risks.
These vulnerabilities could lead to phishing attacks, data breaches, and malware infections, putting users' sensitive information at risk. The advisory stresses the importance of users being vigilant and taking necessary precautions to safeguard their devices.
The Concerning Vulnerabilities
Google Chrome exhibits multiple security vulnerabilities that could allow attackers to gain control over users' computers. These vulnerabilities span different areas of Chrome, such as prompts, Web Payments API, SwiftShader, Vulkan, Video, and WebRTC. Exploitation could involve heap buffer overflow in Video or integer overflow in PDF.
The most alarming aspect is the potential for attackers to exploit these weaknesses by luring users to malicious websites. Visiting such sites could result in attackers taking control of users' computers and stealing personal data.
Affected Versions and Urgent Action
CERT-In has highlighted the affected Chrome versions housing these vulnerabilities. Users employing:
- Google Chrome versions earlier than 115.0.5790.170 for Linux and Mac
- Google Chrome versions earlier than 115.0.5790.170/.171 for Windows
Are advised to act immediately to safeguard their systems.
Protective Measures
CERT-In advises users to promptly update Google Chrome to mitigate risk and update them to the latest version available. Google has already released updates to address these vulnerabilities.
To update Google Chrome:
- Launch Google Chrome.
- Click the three dots at the window's top-right corner.
- Navigate to Help > About Google Chrome.
- If an update is available, then the latest Chrome version will automatically download and install on the device.
- Upon installation, Chrome will restart.
- Manual updates can also be checked:
Open Google Chrome.
- Click on the three dots in the top right corner of the window.
- Select Help > About Google Chrome.
- Click on Check for updates.
- In addition to updates, several security practices are recommended to safeguard devices from potential online threats:
Users will have to exercise caution while visiting the website and further clicking on links.
- If a site's safety is uncertain, avoid it.
- Utilize a robust password manager for generating and storing strong passwords across online accounts.
- Implement two-factor authentication (2FA) on accounts that support it.
- Exercise discretion in sharing personal information online, particularly on social media.
- Keep operating systems and software updated with the latest security patches.
- Employ firewall and antivirus software to shield devices from malware.
ALSO READ: Mark Zuckerberg and Priscilla Chan oversee layoffs of 48 employees in charitable endeavor
ALSO READ: KRAFTON aims for a $150 million investment to boost India's gaming and tech scene
