The Indian Computer Emergency Response Team (CERT-In) has warned Google Chrome users of a high level threat. The cybercrime nodal agency highlighted some major vulnerabilities in the Chrome browser for the desktop.
CERT-In wants Chrome users to immediately update the browser to the latest version. Google acknowledged the vulnerabilities and released a fix via a software update.
“A majority of users may be kept updated with a fix until access to bug details and links is restricted. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” Google said in an official statement.
What is the issue?
The agency highlighted a new flaw in the Google Chrome version prior to 101.0.4951.41. The threat is primarily for desktop users only. Google has acknowledged the flaw and listed 30 vulnerabilities on the Chrome blog post. Around seven flaws have been classified as ‘High’ threats.
CERT-In further explained that these high level vulnerabilities can be exploited. It allow a remote attacker to execute arbitrary code and in turn gain access to sensitive information. A flaw is said to allow hackers to bypass security restrictions and cause buffer overflow on the targeted system.
The agency highlighted that “these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharin System API, Ozone, Browser Switcher, Bookmarks, Dev Tools and File Manager; Inappropriate implementation in We Extensions API, Input, HTML Parser, Web Authentication and iframe; Heap buffer overflow in WebGPU and Web UI Set Confusion in V8; Out of bounds memory access in UI Shelf; Insufficient data validation in Blink Editing, Trusted Type Tools; Incorrect security UI in Downloads.”
Update your browser immediately
CERT-In has urged all Chrome desktop users to upgrade the browser to version 101.0.4951.41. The agency said that any version before this could be susceptible to attacks, which may eventually lead to loss of sensitive data. Researchers have discovered vulnerabilities in Windows, Mac as well as Linux
Google has started rolling out the update for Windows, Mac and Linux. The update should reach all users over the coming days or weeks.
If you want latest news now click here
How to update Chrome to latest version
Once the update is available, the browser should automatically update. But if it doesn’t, follow the following steps.
Step 1: Open Chrome browser
Step 2: Go to the right corner and click on three horizontal dots icon
Step 3: In the drop down menu, find the settings option
Step 4: Click on Help and then About Google Chrome option
Step 5: Chrome will now download any pending update.
Once you install the update, Chrome will shut down and restart again.