The Indian Computer Emergency Response Team (CERT-In), part of the IT ministry, has issue a ‘high severity’ warning for Google Chrome Internet browser users. As per the advisory, many vulnerabilities have been found in Google Chrome browser and these could be exploit by a remote attacker to execute arbitrary code on the target PC.
The attacker may get access to personal data and also inject malware to snoop on a target PC.
Google has already release a fix for these vulnerabilities in its latest software update for Chrome and it is highly advisable that Google Chrome users upgrade to the latest version soon.
Google recently announce that the Chrome Stable channel has been update to 96.0.4664.93 for Windows, Mac and Linux.
This update is already available for users.
Google Said :
“Extended stable channel has also update to 96.0.4664.93 for Windows and Mac which will roll out over the coming days/weeks.”
Google acknowledge that the latest Chrome update includes 22 security fixes, many of which were highlight by “external researchers”.
CERT-In in ts advisory Said :
“Multiple vulnerabilities exists in Google chrome due to Type Confusion in V8;Use after free in web apps, UI, window manager, screen capture, file API, auto fill and developer tools; Incorrect security UI in autofill, Heap buffer overflow in extensions, BFCache and ANGLE, Type Confusion in loader, Insufficient data validation in loader, Integer underflow in ANGLE and Insufficient validation of untrusted input in new tab page.”
CERT-In Adds :
“A remote attacker could exploit these vulnerabilities by enticing a victim to visit a specially crafted web page. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system.”
THANK YOU FOR READING.
