India’s Computer Emergency Response Team (CERT-In) has issued a high risk advisory for Google Chrome users. The advisory warns of multiple vulnerabilities in the browser that could be exploited by a remote hacker to gain access to the victim’s system. The cyber security body advises Google Chrome users to update their browsers to secure from these vulnerabilities.Here’s all that you need to know about the CERT-In advisory
Google Chrome versions impacted
As per the CERT-In warning, Google Chrome for Desktop versions prior to 131.0.6778.204/.205 (for Windows and Mac) and Google Chrome for Desktop versions prior to 131.0.6778.204 (for Linux) are affected by the vulnerability. The body, working under the aegis of the Ministry of Electronics and Information Technology, has marked it with ‘high’ severity risk.
It says that all end-user organizations and individuals using Google Chrome for desktop are at risk of potential sensitive information disclosure or system instability due to the security flaw.
What the government advisory says
CERT-In says “Multiple vulnerabilities have been reported in Google Chrome, which could be exploited by a remote attacker to execute arbitrary code or cause denial of service (DoS) condition on the targeted system.” The cyber security watchdog says that these vulnerabilities exist in Google Chrome due to:
- Type Confusion in V8
- Out of bounds memory access in V8
- Out of bounds write in V8 and Use after free in compositing.
What should Google Chrome users do
Google Chrome users are advised to update their devices to the latest version of the browser. Google has already updated the stable channel to 131.0.6778.204/.205 for Windows, Mac and 131.0.6778.204 for Linux.