Govt cyber-watchdog warns of hacker attack if Google Chrome browser is not updated

Update: 2022-02-07 12:19 GMT
People using the Google Chrome version older than version 98.0.4758.80 are at high risk and need to hit the update button immediately, warned CERT-In

CERT-In (Indian Computer Emergency Response Team), the government’s cyber-security agency, has issued a ‘high severity warning’ and urged users to immediately update to Google Chrome 98, the latest Google Chrome browser version.

The agency has warned that if users fail to update their browser to the newer version, hackers may just steal their data and even track them. The attack could allow access to the personal data of the affected system. Moreover, attackers could also inject malware that could allow the system to get further compromised.

People using the Google Chrome version older than version 98.0.4758.80 are at high risk and need to hit the update button immediately.

How do you update Chrome browser?

Go to your Settings menu by clicking on the three dots on the top right corner of the browser on the web, and then go to ‘About Chrome’ and allow the browser to update.

Also read: Buffering: Facebook reports first-ever quarterly decline in India

High Severity warning

The agency has issued a ‘high severity’ warning. The CERT-In advisory said: “Multiple vulnerabilities have been reported in Google Chrome which could allow an attacker to execute arbitrary code on the targeted system.”

The high severity warning is for users of Android 9, Android 10, Android 11 and Android 12, as well as for Windows and Linux users using Chrome.

These vulnerabilities exist in Google Chrome due to Use after free in Storage, Screen Capture, Sign-in, SwiftShader, PDF, Autofill and File Manager API; Inappropriate implementation in DevTools, Navigation, Autofill, Blink, WebShare, Passwords and Compositing; Heap buffer overflow in Media streams API, Bookmarks and ANGLE; Type Confusion in V8; Incorrect security UI in Autofill, Browser UI; Out of bounds memory access in Web Serial; Uninitialized Use in File API and Policy bypass in Service Workers,” CERT-In advisory explained.

As per the advisory, a remote attacker could exploit these vulnerabilities by tempting a victim to visit a special web page could result in the execution of arbitrary code on a targeted system.

Google recently released Chrome 98 to the stable channel for Windows, Mac and Linux. In their official blog post Google said that Chrome 98.0.4758.80/81/82 for windows and 98.0.4758.80 for mac and linux contains a number of fixes and improvements — a list of changes is available in the log.-In  version.

Tags:    

Similar News