Government issues new Google Chrome warning: These are the affected users – Times of India

Google has started to roll out ‘milestone’ Chrome 100 update this week. The version brings in new design and features. With the update, Google Chrome also gets a new logo with the latest update. Apart from this, the new version also contains a number of fixes and improvements, a few of which can be exploited by a remote attacker to execute arbitrary code and access sensitive information on the targeted system. As per a latest high-severity warning issued by the Computer Emergency Response Team (CERT-In), under the IT ministry. Users of Google Chrome version prior to 100.0.4896.60 may be under high risk.
As per the warning, multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code and access sensitive information on the targeted system
“These vulnerabilities exist in Google Chrome due to Use after free in Portals, QR Code Generator, Cast UI, WebRTC, Shopping Cart, Tab Strip, File Manager, WebUI and Extensions; Heap buffer overflow in WebUI; Insufficient validation of untrusted input in WebOTP; Type Confusion in V8; Heap buffer overflow in WebUI; Inappropriate implementation in Web Share API, Full Screen Mode, Virtual Keyboard, Extensions, Web Cursor, Background Fetch API and Resource Timing. An attacker could exploit these vulnerabilities by sending specially crafted request.” the advisory reads.
To avoid any exploitation, the CERT-In wants Google Chrome users to update to version 100.0.4896.60. To know how to update your Chrome browser, you can follow these steps:

  1. Open Google Chrome browser on your device.
  2. Tap on the three-dot icon.
  3. Go to help.
  4. Tap on About Google Chrome.
  5. You will be able to see the version of your Chrome browser in the next window. If an update is available, will also be able to spot an update button.

Source link

Leave a Reply

Your email address will not be published.