The cybercrime agency CERT-In has highlighted some major vulnerabilities in the Google Chrome browser for desktops, giving it a high severity rating. The agency has highlighted the versions that are impacted by the multiple flaws.
These flaws can be exploited in order to allow a remote attacker to execute arbitrary code and in the process also obtain sensitive information. The hacker will be able to bypass security restrictions and cause buffer overflow on the targeted system.
The agency claims that these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharin System API, Ozone, Browser Switcher, Bookmarks, Dev Tools and File Manager; Inappropriate implementation in We Extensions API, Input, HTML Parser, Web Authentication and iframe; Heap buffer overflow in WebGPU and Web UI Set Confusion in V8; Out of bounds memory access in UI Shelf; Insufficient data validation in Blink Editing, Trusted Type Tools; Incorrect security UI in Downloads.
According to CERT-In, the Google Chrome version prior to 101.0.4951.41 has been impacted by the new flaw in the software. Google has also acknowledged the issues. The search giant listed 30 vulnerabilities on the Chrome blog post, out of which seven have been classified as ‘High’ threats. The vulnerabilities have been spotted for Windows, Mac, and Linux platforms.
Google said, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”
CERT-In suggested users to upgrade their Google Chrome version to 101.0.4951.41. If the browser does not update automatically, the user can force it to move to the latest version by finding it manually. Below are the steps:
· Open Chrome
· Go to the right corner and click on the three horizontal dots
· You will get a drop-down menu
· In that menu look for the settings option
· Once you enter settings, you need to click on Help and then on About Google Chrome
· Chrome should download any pending update
· Once it is installed, you might have to shut down the browser and reopen it.
Discussion about this post