'Apply updates': Govt issues high-risk warning for Google Chrome users

The Ministry of Electronics and Information Technology on Wednesday issued a high-severity warning for Google Chrome users, saying multiple vulnerabilities exist in the browser. In a warning note, the Computer Emergency Response Team of the Indian government (CERT-In), an agency operating under the ministry, has flagged multiple vulnerabilities within specific versions of Google Chrome, alerting users to potential security risks.

According to the warning, Chrome users might encounter various security issues that could potentially compromise their sensitive information. These risks include phishing attacks, data breaches, and malware infections.

"Multiple vulnerabilities exist in Google Chrome due to Type Confusion in V8; Heap buffer overflow in Visuals; Out of bounds read and write in WebGL; Out of bounds memory access in ANGLE; Use after free in Blink Task Scheduling, Cast and WebRTC; Insufficient data validation in Extensions and Inappropriate implementation in Extensions," the note said.

The agency further said that successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, bypass security restrictions or cause a denial-of-service condition on the targeted system.

As per the note, Google Chrome has multiple security vulnerabilities that could allow an attacker to take control of one's computer system. These vulnerabilities exist in prompts, Web Payments API, SwiftShader, Vulkan, Video, and WebRTC. Due to vulnerabilities, an attacker could also exploit a heap buffer overflow in Video or an integer overflow in PDF.

India Today reported that the most concerning part is that an attacker could exploit these vulnerabilities by tricking users into visiting a malicious website. And if one visits a malicious website, the attacker could take control of the user's computer and steal his or her personal information.

CERT-In has highlighted the affected versions of Google Chrome containing these vulnerabilities - Google Chrome versions prior to 115.0.5790.170 for Linux and Mac, and Google Chrome versions prior to 115.0.5790.170/.171 for Windows.

The agency has advised users to promptly update Google Chrome to the latest version as soon as possible. Google has already released an update to fix these vulnerabilities.

To update Google Chrome, users need to open the browser and click the three dots in the top right corner of the window. After this, users need to select 'Help' and then 'About Google Chrome'. If there is an update available, Chrome will automatically download and install it. And once the update is installed, Chrome will restart.

(With inputs from Divya Bhati)