Indian government issues ‘high risk’ warning for Google Chrome users, remote attacker can…

Google Chrome is the most popular web browser across the globe and it is accessed by millions of users everyday. Google Chrome is known for its regular updates and for the ease of use, people often store and share a lot of our personal information including location, banking details and others via our browser. Although Google adds new security measures to Chrome from time to time, fraudsters often find a way to dupe victims. To keep the users safe, the Indian government has issued a high severity warning for users of Google Chrome version prior to 122.0.6261.111 for Windows, Mac and Linux users. The Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has revealed that multiple vulnerabilities have been reported in Google browser which can allow fraudsters to cause denial of service on your device.

Google rolls out updates for its browser from time to time to keep the users updated, however many users don’t update the app often due to lack of data, storage or ease of use. Such devices with older versions of the app are easy to exploit due to the exposed vulnerabilities. A few such dangerous vulnerabilities have now been mentioned by the Indian government in its warning for users of Google’s app.

According to CERT-In, these vulnerabilities exist in Google Chrome due to Use-after-free error within the FedCM component; Out of bounds memory access and inappropriate implementation in V8. A remote attacker could exploit these vulnerabilities by sending a specially crafted web page on the targeted system.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a Denial of Service (Dos) condition on the targeted system. To avoid any swindling, users should apply appropriate patches as mentioned by Google.