If hackers exploit these flaws, they could take over your device completely.
The Centre's Computer Emergency Response Team (CERT-in) has issued a warning over security issues found in specific versions of the Google Chrome web browser, urging everyone to update it immediately.
CERT-In, in their latest warning note called CIVN-2024-0170, pointed out several critical security flaws in Google Chrome. If hackers exploit these flaws, they could take over your device completely.
These vulnerabilities are classified as "high severity" because they could be used by “remote attackers to execute arbitrary code in the targeted system”, the report said. They might be able to run any code they want, crash the system so it can't be used, steal important information, or get around security measures.
Issues identified in the latest CERT-In report
1. Heap buffer overflow in ANGLE and Dawn: This happens when a program tries to write too much data to a certain part of memory, causing it to crash or letting attackers inject harmful code.
2. Use after free in Scheduling: This occurs when a program tries to use memory that it has already freed, leading to unintended code execution or crashes.
3. Type Confusion in V8: This happens when a program gets data in the wrong format, allowing attackers to bypass security measures or inject harmful code.
These flaws affect Chrome versions before 125.0.6422.76/.77 for Windows and Mac and before 125.0.6422.76 for Linux.
If attackers exploit these vulnerabilities, they can take over a victim's computer, steal data, install malware or attack other computers.
How to stay safe?
To protect yourself, the CERT-in advises updating your Chrome browser to the latest version right away.
1. Make sure Chrome updates automatically so you get the latest security fixes.
2. Install extensions that boost browser security by blocking harmful content and enforcing secure connections.
3. Regularly delete cookies, cache and history to reduce risks from compromised sites or tracking.
4. Be careful while browsing online and avoid clicking on suspicious links or downloading files from unknown sources to prevent phishing attacks.
5. Turn off browser plugins you don't need, as they can sometimes be used by hackers to access your system.