Google Chrome Desktop users on these versions have high-risk hacking threat - Hindustan Times

Google Chrome Desktop users on these versions have high-risk hacking threat

Oct 01, 2023 03:19 PM IST

High-risk threat to Google Chrome desktop users as remote hackers can gain access to systems, execute malicious operations, CERT-IN warns.

The central cybersecurity agency has issued a warning to Google Chrome desktop users about a high-risk threat posed by remote hackers gaining access to systems and executing malicious operations.

CERT-IN has issued warning for Google Chrome users.(Reuters Photo)
CERT-IN has issued warning for Google Chrome users.(Reuters Photo)

On Friday, the Indian Computer Emergency Response Team (CERT-IN) published an advisory on its official website, classifying it as a high-severity threat due to various vulnerabilities identified in the web browser.

Hindustan Times - your fastest source for breaking news! Read now.

CERT-IN, a nodal agency under the Ministry of Electronics and Information Technology, highlighted in the vulnerability note, "Multiple vulnerabilities have been reported in Google Chrome for Desktop." It further explained that these vulnerabilities “could be exploited by a remote attacker to bypass security restrictions, execute arbitrary code, or cause denial of service conditions on the targeted system.”

Which versions are affected and why?

CERT-IN specified that these vulnerabilities exist only in the desktop version of Google Chrome web browser, specifically in versions prior to 117.0.5938.132 (for Windows, Mac, and Linux).

The flaws include a heap buffer overflow in vp8 encoding in libvpx and a use-after-free error in Passwords and Extensions.

A remote attacker could exploit these vulnerabilities by executing a specially crafted HTML page, according to CERT-IN.

How would it influence the system?

Using these vulnerabilities, the agency warned that a remote attacker could redirect users to malicious websites, gaining access to the system and bypassing security protocols. This would enable the remote hacker to execute arbitrary code and launch a denial of service attack, rendering the system unavailable to the legitimate user.

Recommended solution

The agency advises users to update their systems to the latest stable channel update available for the Google Chrome desktop browser.

The Information Technology (Amendment) Act of 2008 designates CERT-IN as a statutory body responsible for tracking computer security incidents, reporting vulnerabilities, and advocating robust IT security practices throughout the country. It also alerts users to flaws and cybersecurity threats such as hacking and phishing.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away!- Login Now! Catch all the Latest Technology Mobile, Gadgets,Tech News from India and around the world
Share this article

    Follow the latest breaking news and developments from India and around the world with Hindustan Times' newsdesk. From politics and policies to the economy and the environment, from local issues to national events and global affairs, we've got you covered.

Story Saved
Live Score
Saved Articles
My Reads
Sign out
New Delhi 0C
Friday, February 23, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On