Google Chrome users at high risk of hacking, govt advises urgent update to stay safe | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

India’s cybersecurity agency, CERT-In, has issued a high-risk alert for users of the desktop version of Google Chrome. The warning highlights multiple vulnerabilities in Google Chrome that could allow remote attackers to execute arbitrary code on targeted systems. To avoid these targeted attacks, users are strongly advised to update their browsers immediately.

According to CERT-In, Multiple vulnerabilities exist in Google Chrome versions of Windows and Mac which could allow a remote attacker to take control of your system or crash it (denial-of-service).

Let’s take a detailed look at what is the risk and how users can protect their system from being hacked.

What is the issue

According to CERT-In the noted vulnerabilities in Google Chrome primarily exist due to the following issues:

  • Object Corruption in V8 and WebAssembly: This can lead to unexpected behaviour or code execution.
  • Use-After-Free in V8, Downloads, and QUIC: This can lead to data corruption, crashes, or arbitrary code execution.
  • Inappropriate Implementation in Autofill, Extension, Network, and Prompts: This can lead to potential data leakage or unexpected behaviour.
  • Out-of-Bounds Read in Fonts: This can cause data corruption or potential execution of arbitrary code.
  • Insufficient Policy Enforcement in Site Isolation and WebUI: This can lead to security breaches.
  • Insufficient Data Validation in Browser Switcher and Downloads: This can allow malicious data to bypass security checks.

What are the risks

Remote code execution: An attacker could exploit these vulnerabilities to take complete control of your computer. This could allow them to steal your data, install malware, or damage your system.

Denial-of-service (DoS): An attacker could crash your Chrome browser or even your entire computer, making it unusable.

Software affected

Versions of Google Chrome prior to 124.0.6367.60 for Windows and Mac are vulnerable to the highlighted Vulnerabilities.

How to stay safe

– Update Google Chrome: The most important step is to update Google Chrome to the latest version (124.0.6367.60 or later). Google has already released the fix and update, you can update Chrome by following these steps:

  • Open Chrome.
  • Click on the three vertical dots in the top right corner of the window.
  • Click on “Settings”.
  • Click on “About Chrome”.
  • Chrome will automatically check for updates. If an update is available, it will download and install it.

– Be careful what websites you visit: Avoid visiting untrusted websites, especially those that offer illegal downloads or streaming content. These websites are more likely to contain malicious code that could exploit the vulnerabilities in your browser.

Don’t click on suspicious links: Phishing emails and messages often contain links that can lead to malicious websites. Don’t click on any links in emails or messages from unknown senders.

– Enable pop-up blocker: Pop-up blockers can help prevent malicious websites from opening new windows or tabs on your browser.

– Regularly Clear Cache and Browsing Data: This can help remove any potentially harmful data from your browser.

– Monitor for Unusual Activity: Stay vigilant for any signs of unusual activity on your system, such as unexpected pop-ups or system crashes.

– Use Strong and Unique Passwords: Ensure your accounts and devices are secured with strong, unique passwords.

-Use a security suite: Consider using a security suite that includes a firewall and antivirus protection. This can help to block malware and other threats from infecting your computer.

Published By:

Divya Bhati

Published On:

Apr 22, 2024


Click Here For The Original Story From This Source.


National Cyber Security