The Indian Computer Emergency Response Team (CERT-In), which is part of the Ministry of Information Technology, has issued a ‘high severity warning to Google Chrome users. According to the alert, the Google Chrome browser has numerous vulnerabilities that might be exploited by a remote attacker to execute arbitrary code on the affected PC.
The attacker might gain access to personal information as well as insert malware into a computer to spy on it. Google has already provided a patch for these vulnerabilities in its most recent Chrome software update, and it is highly recommended that users switch to the most recent version as soon as possible. Google has announced that the Chrome Stable channel for Windows, Mac, and Linux has been updated to 96.0.4664.93. Users can already download the update. Google also announced that the “Extended stable channel for Windows and Mac has been updated to 96.0.4664.93, which will roll out over the coming days/weeks.” Google admitted that the newest Chrome update contains 22 security updates, many of which “external researchers” identified.
“Multiple vulnerabilities exist in Google Chrome due to Type Confusion in V8; Use after free in web apps, UI, window manager, screen capture, file API, autofill, and developer tools,” according to CERT-In in its advisory. Autofill security UI is incorrect; heap buffer overflow in extensions, BFCache, and ANGLE; type confusion in the loader; insufficient data validation in the loader; integer underflow in ANGLE; and insufficient validation of untrusted input in the new tab page.”
Users should be aware that the CERT has issued a warning.
“A remote attacker may exploit these vulnerabilities by luring a victim to a specially designed web page,” the researchers explained. A remote attacker could be able to execute arbitrary code on the targeted system if these vulnerabilities are exploited successfully.”