Google Chrome users are urged to take immediate action following a high-risk warning issued by the Indian Computer Emergency Response Team (CERT-In). The cybersecurity team has identified several critical vulnerabilities in the popular web browser that could allow hackers to gain complete control over a user’s device.
If exploited, these security flaws can enable attackers to steal sensitive information, install malicious software, or even launch attacks on other systems.
The vulnerabilities outlined in CERT-In’s latest advisory (CIVN-2024-0170) include a heap buffer overflow in ANGLE and Dawn, use after free in Scheduling, and type confusion in V8. The heap buffer overflow occurs when a program attempts to write more data to a specific memory area than allocated, potentially leading to crashes or unauthorised code execution.
Moreover, the use after a free issue arises when a program tries to access memory after it has been freed, which can also result in crashes or malicious code execution. The type confusion vulnerability in V8 stems from a discrepancy between the expected data type and the actual data type, allowing attackers to bypass security measures and inject harmful code.
These security flaws affect Chrome versions earlier than 125.0.6422.76/.77 on Windows and Mac, and before 125.0.6422.76 on Linux. Google has already released patches for the identified vulnerabilities to mitigate these risks. Users are strongly advised to update their browsers to version 125.0.6422.76/.77 for Windows and Mac, and 125.0.6422.76 for Linux, to protect their devices from potential attacks.
In addition to updating Chrome, users can enhance their browser security by enabling automatic updates, ensuring they receive the latest patches promptly. Installing security extensions can also provide an additional layer of protection by enforcing secure connections, blocking harmful content, and managing script execution. Regularly clearing browsing data, including cookies, cache, and history, can help reduce the risk from compromised websites or persistent tracking.
Users should also exercise caution when clicking on links or downloading attachments from unknown sources, as phishing remains a prevalent method for exploiting browser vulnerabilities. Reviewing and disabling non-essential browser plugins can further reduce the attack surface, as cyber attackers can sometimes leverage these plugins to infiltrate systems.
By taking these precautions, Chrome users can better safeguard their devices and personal information against the threats posed by these newly discovered vulnerabilities.
You are on Mint! India’s #1 news destination (Source: Press Gazette). To learn more about our business coverage and market insights Click Here!
Download The Mint News App to get Daily Market Updates & Live Business News.
Published: 23 May 2024, 03:13 PM IST