Government issues ‘high severity’ warning for these Google Chrome OS users

Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a ‘high severity’ warning for Google Chrome operating system users. The warning from the government’s cybersecurity team is for users who are using Google Chrome OS versions prior to 96.0.4664.209. As per the warning, multiple vulnerabilities have been reported in the OS that can be exploited by a remote attacker to execute arbitrary code on the targeted system.

This means that an attacker can run commands or code on a Google Chrome OS device without user’s permission. Although the market share of Google Chrome OS is quite limited in the country, it is slowly attracting more users, especially after the introduction of Chrome OS Flex.

Here’s what the government agency has said about the Google Chrome OS

As per the CERT-In warning, “these vulnerabilities exist in Google Chrome OS due to Heap buffer overflow in V8 Internationalization; Use after free in Sharesheet, Performance Manager, Performance APIs; Vulnerability reported in dev-libs/libxmi2; Insufficient validation of untrusted input in Data Transfer and Out of bounds memory access in UI Shelf. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system.”

How Google Chrome OS users can protect themselves

To help users stay safe from cybercriminals, Google regularly rolls out updates for its products, including Chrome OS. To address the vulnerabilities in the OS, the tech giant released build 96.0.4664.209 later last month. CERT-In advises that users should install the latest version of Google Chrome OS to avoid any exploitation.

Apart from this, CERT-In has also issued an advisory for the users of Mozilla products