Update Google Chrome browser now to avoid hackers, says CERT-In
New Delhi: The government’s cybersecurity agency has warned Google Chrome users in the country to immediately upgrade to the new Chrome browser version to avoid remote hackers from intruding into their machines.
Google has released Chrome 84.0.4147.89 upgrade that contains 38 fixes and improvements against vulnerabilities.
“Multiple vulnerabilities have been reported in Google Chrome that could allow remote attacker to execute arbitrary code, bypass security restrictions, access sensitive information, contact spoofing attack and denial of service (DoS) attack on the targeted system,” the Computer Emergency Response Team-India (CERT-In) warned in its latest advisory.
These vulnerabilities, spotted by external security researchers, exist in Google Chrome due to heap buffer overflow, side-channel information leakage, type Confusion, inappropriate implementation in WebRTC, use after free, policy bypass, insufficient policy enforcement, incorrect security UI (user interface), etc.
“A remote attacker could exploit these vulnerabilities by creating a specially crafted webpage on the targeted system,” said the CERT-In advisory.
The solution is to upgrade to Chrome 84.0.4147.89.
Google has appreciated the help from security researchers during the development cycle to prevent security bugs from ever reaching the stable channel and hit millions of users.
In April, Google released a much-awaited Chrome update but also warned around 2 billion users of the browser about a security flaw across Windows, Mac and Linux.
The bug was critical enough to imply that it was exploitable and that exploiting it could let a crook implant malware on the computer.
Google made a list of all changes in the update for people to see and urged people to alert it if they find any new issue.
(Inputs from IANS)