skip to content

Govt Issues High Severity Warning For Google Chrome Users

Date:

New Delhi: The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning concerning multiple vulnerabilities identified in Google Chrome OS. In their recent security advisory dated February 08, 2024, marked as CIVN-2024-0031, the government research team has disclosed that the highlighted vulnerabilities pose a significant risk to users of Google Chrome OS versions preceding 114.0.5735.350 (Platform Version: 15437.90.0) on the LTS channel.

As per CERT-In, these identified vulnerabilities have the potential to be “exploited by a remote attacker to execute arbitrary code, gain elevated privileges, bypass security restrictions, or cause denial of service conditions on the targeted system.”

These vulnerabilities originate from two primary issues:

  1. Use after free in Side Panel Search: This vulnerability enables attackers to exploit memory errors within the Side Panel Search feature, potentially leading to the execution of arbitrary code or the circumvention of security measures.
  2. Insufficient data validation in Extensions: This vulnerability results from inadequate validation of data input in extensions, providing attackers with the opportunity to execute malicious actions on affected systems.

According to CERT-In’s vulnerability note, remote attackers can exploit these vulnerabilities by enticing unsuspecting victims to visit specially crafted web pages. Upon visiting these pages, the vulnerabilities will be triggered, allowing attackers to infiltrate unsuspecting users.

To counteract these vulnerabilities, CERT-In strongly recommends updating Google Chrome with the latest available update, incorporating security fixes from Google. Users are advised to promptly update their Google Chrome OS installations to version 114.0.5735.350 (or later) on the LTS channel. These updates include patches that address the identified vulnerabilities, thereby bolstering system security.

Users should exercise caution while browsing the internet, especially when visiting unfamiliar or suspicious websites. It is crucial to avoid clicking on links from untrusted sources or engaging with unsolicited emails or messages.

Implementing strong security practices, such as utilizing reputable antivirus software, consistently updating software and applications, and activating firewalls, can enhance defense mechanisms against potential threats.

Simultaneously, CERT-In is currently observing “Cyber Swachhta Fortnight” from February 1 to 15, 2024. The primary objective of this initiative is to ensure the digital security of the country by safeguarding cyberspace from botnets, which have the potential to infect and compromise end users’ systems.

In pursuit of this goal, CERT-In has introduced the ‘Cyber Swachhta Kendra’ (CSK), presenting the eScan Botnet Scanning & Cleaning Toolkit for laptops, desktops, and smartphones. Developed in collaboration with eScan, a reputable cybersecurity solutions vendor, this robust toolkit empowers citizens to scan and clean their devices, protecting them from potential botnet infections.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Subscribe

Popular

More like this
Related

IPL 2024: KKR Beat SRH By 8 Wickets To Clinch Their Third IPL Title

Sunrisers Hyderabad's gloomy outing with the bat in the Indian Premier League (IPL) 2024 final against Kolkata Knight Riders etched their names in history books, but on the unwanted side

IPL 2024: Kolkata Knight Riders Pacers Demolish SRH Batters, Restrict Hyderabad To 113 In Title Clash

On a night with clouds hovering over Chepauk, KKR pacers inflicted carnage on a red soil surface which offered more bounce for the speedsters

Turbulance Hits Qatar Airways Flight To Dublin, 12 Injured 

This incident comes days after a Singapore Airlines flight from London to Singapore was forced to land in Bangkok after severe turbulence resulted in the aircraft falling 6000 ft in just 5 minutes

IPL 2024 Final: SRH Wins Toss, Elects To Bat First

In what turns out to be a repeat of the Qualifier 1 clash, Sunrisers would look to turn the tides this time around after their batting-first approach flopped against the Riders