Sign in

Google Chrome Desktop users on these versions have high-risk hacking threat

High-risk threat to Google Chrome desktop users as remote hackers can gain access to systems, execute malicious operations, CERT-IN warns.

Published on: Oct 1, 2023, 15:19:49 IST
Share
Share via
  • facebook
  • twitter
  • linkedin
  • whatsapp
Copy link
  • copy link

The central cybersecurity agency has issued a warning to Google Chrome desktop users about a high-risk threat posed by remote hackers gaining access to systems and executing malicious operations.

CERT-IN has issued warning for Google Chrome users. (Reuters Photo)
CERT-IN has issued warning for Google Chrome users. (Reuters Photo)

On Friday, the Indian Computer Emergency Response Team (CERT-IN) published an advisory on its official website, classifying it as a high-severity threat due to various vulnerabilities identified in the web browser.

CERT-IN, a nodal agency under the Ministry of Electronics and Information Technology, highlighted in the vulnerability note, "Multiple vulnerabilities have been reported in Google Chrome for Desktop." It further explained that these vulnerabilities “could be exploited by a remote attacker to bypass security restrictions, execute arbitrary code, or cause denial of service conditions on the targeted system.”

Which versions are affected and why?

CERT-IN specified that these vulnerabilities exist only in the desktop version of Google Chrome web browser, specifically in versions prior to 117.0.5938.132 (for Windows, Mac, and Linux).

The flaws include a heap buffer overflow in vp8 encoding in libvpx and a use-after-free error in Passwords and Extensions.

A remote attacker could exploit these vulnerabilities by executing a specially crafted HTML page, according to CERT-IN.

How would it influence the system?

Using these vulnerabilities, the agency warned that a remote attacker could redirect users to malicious websites, gaining access to the system and bypassing security protocols. This would enable the remote hacker to execute arbitrary code and launch a denial of service attack, rendering the system unavailable to the legitimate user.

Recommended solution

The agency advises users to update their systems to the latest stable channel update available for the Google Chrome desktop browser.

The Information Technology (Amendment) Act of 2008 designates CERT-IN as a statutory body responsible for tracking computer security incidents, reporting vulnerabilities, and advocating robust IT security practices throughout the country. It also alerts users to flaws and cybersecurity threats such as hacking and phishing.

  • HT News Desk
    ABOUT THE AUTHOR
    HT News Desk

    Follow the latest breaking news, major developments and agenda-setting stories from India and around the world with the newsdesk at Hindustan Times. Operating round the clock, the desk brings together experienced editors, reporters and correspondents to deliver fast, accurate and contextual reporting across subjects that influence public policy, governance, business, society and international affairs. The HT News Desk covers politics, elections, government policies, the economy, business and markets, science and technology, the environment, law and order, infrastructure, education, climate issues and geopolitics, while closely tracking developments across states, institutions and global capitals. The team also leads coverage of major breaking news events, policy announcements, court proceedings, natural disasters, public emergencies and significant international developments. Reports published by the newsdesk are based on information gathered from reporters on the ground, official statements, government agencies, court records, regulatory filings, recognised institutions and other authoritative sources. Stories undergo editorial scrutiny and verification processes to ensure accuracy, fairness and relevance, and are updated as events evolve and additional information becomes available. Whether covering a key political decision in New Delhi, an economic policy shift affecting millions, a landmark court ruling or a major global event, the HT News Desk aims to provide readers with reliable, fact-based journalism that delivers not only the latest developments but also the context and analysis needed to understand their wider implications.Read More