The Indian Computer Emergency Response Team (CERT-In) under the IT ministry has issued a high severity warning for Google Chrome browser users. The warning is for the users who are using the browser’s desktop version prior to 101.0.4951.41. As per the warning, multiple vulnerabilities have been reported in Google Chrome which can be exploited by someone to execute arbitrary code, obtain sensitive information, bypass security restriction and cause buffer overflow on the targeted system.
The advisory further reveals “these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharing, File System API, Ozone, Browser Switcher, Bookmarks, Dev Tools and File Manager; Inappropriate implementation in WebGL, Extensions API, Input, HTML Parser, Web Authentication and frame;Heap buffer overflow in WebGPU and Web UI Settings; Type Confusion in V8; Out of bounds memory access in UI Shelf; Insufficient data validation in Blink Editing, Trusted Types and Dev Tools; Incorrect security UI in Downloads.”
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, obtain sensitive information, bypass security restriction and cause buffer overflow on the targeted system. To avoid any swindling, the CERT-In wants Google Chrome users on desktop to update to version 101.0.4951.41. The mentioned version was rolled out by the tech giant last week and it contains a number of fixes and improvements.
Last week, the CERT-In also mentioned that multiple vulnerabilities have been reported in Android operating system users. The high severity warning was for users of Android 10, Android 11, Android 12 and Android 12L users. As per the advisory, successful exploitation of these vulnerabilities could allow the attacker to gain elevated privileges, disclose sensitive information, and cause denial of service (DoS) conditions on the targeted system.
Tech News Source link