The government has issued a warning to consumers about various vulnerabilities in the Google Chrome desktop program, which might allow hackers to get access to sensitive information and circumvent security measures. The government has recommended Chrome users upgrade their browsers to avert security breaches in a warning posted by the Indian Computer Emergency Response Team (CERT-In), the main organization for cybersecurity threats.
Google also recognized the flaws in the browser and issued an upgrade. According to CERT-In, the flaws allowed attackers to remotely execute arbitrary code on the browser and create a buffer overflow on the targeted machine. Buffer overflow is an attempt to damage software by writing more data to a fixed-length memory block.
‘A vulnerability in Google Chrome has been detected, which might allow a remote attacker to execute arbitrary code on the targeted machine,’ CERT-In stated in its alert. ‘What’s more concerning is that the vulnerability has already been exploited by hackers, and Google Chrome users are strongly advised to upgrade quickly.’ The security flaws were given a ‘high’ severity grade by the agency.
‘This vulnerability occurs in Google Chrome owing to a type misunderstanding mistake inside the V8 JavaScript engine component in Google Chrome. A remote attacker might exploit this issue by submitting a specially designed website, causing a type misunderstanding error, and executing arbitrary code on the targeted system. Successful exploitation of this vulnerability might allow a remote attacker to execute arbitrary code and seize control of the affected machine,’ CERT-In stated.
In a blog post published last month, Google recognized the problems raised by the Indian agency. Chrome 101.0.4951.41 for macOS, Windows, and Linux was published, and it included 29 security patches. A similar caution was recently issued by CERT-In for Mozilla Firefox users. It discovered multiple security flaws that may be exploited to circumvent security measures, conduct spoofing attacks, execute arbitrary code, and collect sensitive information.
Post Your Comments