Google Chrome users are warned by the Indian government of being vulnerable to cyberattacks due to multiple vulnerabilities existing in the browser. The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team (CERT-In) has issued an online advisory to recommend users to update the Chrome browser to avoid targeted attacks, where a hacker could gain access to their systems by using an arbitrary code. The vulnerabilities in question were fixed by Google in Chrome 98 earlier this month. The nodal agency has categorised the severity of the issues as “high”.
“Multiple vulnerabilities have been reported in Google Chrome which could allow an attacker to execute arbitrary code on the targeted system,” CERT-In wrote in its advisory.
The agency said that Google Chrome versions prior to 98.0.4758.80 are affected by the vulnerabilities.
“These vulnerabilities exist in Google Chrome due to Use after free in Safe Browsing, Reader Mode, Web Search, Thumbnail Tab, Strip, Screen Capture, Window Dialogue, Payments, Extensions, Accessibility, and Cast; Heap buffer overflow in ANGLE; Inappropriate implementation in Full Screen Mode, Scroll, Extensions Platform and Pointer Lock; Type Confusion in V8; Policy bypass in COOP and Out of bounds memory access in V8,” the advisory noted.
Earlier this month, Google publicly announced the release of Chrome 98 for Windows, macOS, and Linux users. The update included 27 security fixes in total, the company said.
At the time of announcing the last release, Google said that access to bug details and links might be kept restricted until a majority of users do not update Chrome browser on their systems.
“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” it added.
Google Chrome gets automatic updates in the background. However, users with a vulnerable Chrome release can manually download the update by going to Chrome > About Google Chrome. Once the update is downloaded, you will need to relaunch the browser to have its latest version completely installed.