Modi govt warns Google Chrome users against hacking threat - Hindustan Times
close_game
close_game

Modi govt warns Google Chrome users against hacking threat

By | Edited by Aryan Prakash
Oct 01, 2022 03:59 PM IST

CERT-IN has alerted that these flaws could be exploited by a remote attacker to bypass security restriction, execute arbitrary code or cause denial of service conditions on the targeted system.

The Narendra Modi government has warned Google Chrome desktop users of a high-risk threat against remote hackers getting entry to the system and implementing malicious operations.

CERT-IN has specified the susceptibilities are found only on the desktop version of Google Chrome web browser.( AP)
CERT-IN has specified the susceptibilities are found only on the desktop version of Google Chrome web browser.( AP)

On Friday, the Indian Computer Emergency Response Team (CERT-IN) has published the advisory on its official website, marking it a high severity rating as various vulnerabilities are exposed in the web browser.

Hindustan Times - your fastest source for breaking news! Read now.

CERT-IN, a nodal agency under the ministry of electronics and information technology, alerted in the vulnerability note, “Multiple vulnerabilities have been reported in Google Chrome for Desktop.” It included that these “could be exploited by a remote attacker to bypass security restriction, execute arbitrary code or cause denial of service conditions on the targeted system.”

Information Technology (Amendment) Act of 2008 designates CERT-IN as a statutory body. This nodal agency tracks computer security incidents, reports on vulnerabilities, and advocates powerful IT safeguards throughout the country. It alerts users to flaws and cybersecurity dangers like hacking and phishing.

Which versions are affected and why?

CERT-IN has specified the susceptibilities are found only on the desktop version of Google Chrome web browser. The software running on updates earlier than 106.0.5249.61 for Mac/Linux and 106.0.5249.61/62 for Windows is said to be influenced.

As per the report, these flaws exist in Google Chrome for Desktop due to Use-after-free (arising from the operation of dynamic memory allocation) in the CSS, Survey, Assistant, Import and Media.

The insufficient verification of untrusted input in Developer Tools, VPN, Intents and Safe browsing, while lack of policy enforcement in Developer Tools, Custom Tabs, are also believed to raise these vulnerabilities.

ALSO READ: Do you regularly attend Zoom meets? This Centre advisory is meant for you

Apart from this, the vulnerabilities are also thought to stem because of incorrect security UI in Full Screen, Use-after-free in logging, Type confusion in Blink, and Use-after-free in ChromeOS Notifications.

How would it influence the system ?

Using these vulnerabilities, the agency warns, a remote attacker could command the users to malicious websites. It will give entry of the system to the attacker, circumventing the security protocols in place on the device. A remote hacker then could perform arbitrary code and introduce a denial of service attack, causing the system unavailable to the original user.

The solution

Users are advised by the agency to upgrade their system to the latest stable channel update available for Google Chrome desktop browser.

Unlock a world of Benefits with HT! From insightful newsletters to real-time news alerts and a personalized news feed – it's all here, just a click away!- Login Now! Catch all the Latest Technology Mobile, Gadgets,Tech News from India and around the world
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Friday, March 29, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On