Srinagar: The Computer Emergency Response Team (CERT-In) has issued a high-severity-rated warning cautioning against multiple vulnerabilities in the popular web browser Google Chrome, which could allow a remote attacker to execute arbitrary code and cause a denial of service condition on the targeted system.
CERT-In, which comes under the Ministry of Electronics and Information Technology, Government of India, issued the alert in response to the tech giant’s recent revelation of numerous vulnerabilities in its ubiquitous browser platform that might be exploitable by malicious entities.
These vulnerabilities could potentially allow hackers to execute arbitrary code, gain unauthorised access to sensitive information, or cause Denial of Service (DoS) attacks.
This development poses cyber security challenges to millions of Google Chrome users, jeopardising their online safety and data privacy.
“A remote attacker could allow these vulnerabilities by executing a specially crafted HTML page,” CERT-In said in a statement.
CERT-In is the national nodal agency for responding to computer security incidents as and when they happen.
These vulnerabilities exist in Google Chrome due to heap buffer overflow in vp8 encoding libvpx, and use-after-free error in passwords and extensions.
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, bypass security restrictions, or cause a DoS condition on the targeted system, the CERT-In said.
The CERT said that these vulnerabilities could affect desktop versions before 117.0.5938.132 and CERT-In has recommended applying appropriate updates.
A popular method amongst these is to entice unsuspecting internet users into visiting malicious websites.
These concealed cyber threats exploit user vulnerabilities, allowing hackers to infiltrate their systems with ease.
CERT-In has urged the users to upgrade Google Chrome browser immediately for the affected software. Furthermore, the cyber security organisation recommends users keep their browsers and other software up to date to avoid future dangers.