Menu Explore
Search Search
Tuesday, Mar 18, 2025
New Delhi oC
Subscribe
Games
E-Paper
close_game
close_game

Google Chrome Desktop users on these versions have high-risk hacking threat

ByHT News Desk
Oct 01, 2023 03:19 PM IST

High-risk threat to Google Chrome desktop users as remote hackers can gain access to systems, execute malicious operations, CERT-IN warns.

The central cybersecurity agency has issued a warning to Google Chrome desktop users about a high-risk threat posed by remote hackers gaining access to systems and executing malicious operations.

CERT-IN has issued warning for Google Chrome users.(Reuters Photo)
CERT-IN has issued warning for Google Chrome users.(Reuters Photo)

On Friday, the Indian Computer Emergency Response Team (CERT-IN) published an advisory on its official website, classifying it as a high-severity threat due to various vulnerabilities identified in the web browser.

CERT-IN, a nodal agency under the Ministry of Electronics and Information Technology, highlighted in the vulnerability note, "Multiple vulnerabilities have been reported in Google Chrome for Desktop." It further explained that these vulnerabilities “could be exploited by a remote attacker to bypass security restrictions, execute arbitrary code, or cause denial of service conditions on the targeted system.”

Which versions are affected and why?

CERT-IN specified that these vulnerabilities exist only in the desktop version of Google Chrome web browser, specifically in versions prior to 117.0.5938.132 (for Windows, Mac, and Linux).

The flaws include a heap buffer overflow in vp8 encoding in libvpx and a use-after-free error in Passwords and Extensions.

A remote attacker could exploit these vulnerabilities by executing a specially crafted HTML page, according to CERT-IN.

How would it influence the system?

Using these vulnerabilities, the agency warned that a remote attacker could redirect users to malicious websites, gaining access to the system and bypassing security protocols. This would enable the remote hacker to execute arbitrary code and launch a denial of service attack, rendering the system unavailable to the legitimate user.

Recommended solution

The agency advises users to update their systems to the latest stable channel update available for the Google Chrome desktop browser.

The Information Technology (Amendment) Act of 2008 designates CERT-IN as a statutory body responsible for tracking computer security incidents, reporting vulnerabilities, and advocating robust IT security practices throughout the country. It also alerts users to flaws and cybersecurity threats such as hacking and phishing.

rec-icon Recommended Topics
Share this article
See More
SHARE THIS ARTICLE ON
SHARE
Copy

Join Hindustan Times

Create free account and unlock exciting features like

Newsletters, Alerts and Recommendations Get personalised news and exciting deals Bookmark the stories you want to read later
Already have an account? Sign In
  • mint-logo
  • mint-lounge
  • HT_Auto
  • ht-tech
  • ht-bangla
  • healthshots
  • OTT-icons
  • slurrp-icon
  • ht-kannada
  • ht-tamil
  • ht-telegu
  • ht-marathi
  • Instore Radio - FAB Play
  • vc-circle
  • tech-circle
  • vcc-edge
  • edge-insights
Copyright © 2025 HT Digital Streams Limited. All Rights Reserved.
Story Saved
Live Score
Edit Profile
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Tuesday, March 18, 2025
Start 14 Days Free Trial Subscribe Now
Copyright © HT Digital Streams Ltd. All rights reserved.
Follow Us On