Cyber Threat Alert: Multiple Vulnerabilities Found In Google Chrome For Indian Users

The Computer Emergency Response Team in India (CERT-In) has issued a high-risk warning for users of Google Chrome in the country, urging them to promptly update their Chrome browsers. This advisory comes in response to the discovery of multiple vulnerabilities in Google Chrome that could potentially enable attackers to execute arbitrary code, circumvent security measures, or trigger a denial-of-service situation on the targeted system.


CERT-In reported, "Multiple vulnerabilities exist in Google Chrome due to Heap buffer overflow error in WebP; Inappropriate implementation in Custom Tabs, Prompts, Input, Intents, Picture in Picture, and Interstitials; Insufficient policy enforcement in Downloads and Autofill."

The agency also noted that cyber attackers could exploit these vulnerabilities by luring victims to visit specially crafted websites. Successful exploitation of these vulnerabilities could grant an attacker the ability to execute arbitrary code, bypass security restrictions, or disrupt the functioning of the targeted system.


Here is a list of the Chrome software versions affected by these vulnerabilities:

  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)
  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.187 (for Windows)
  • Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)
  • Google Chrome for Desktop versions prior to 117.0.5938.62/.63 (for Windows)
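An added example, not part of the CERT-In advisory: a small audit that checks an inventory of installed Chrome builds against the thresholds listed above. The CSV column names, the host names, the "stable" label for Chrome for Desktop, and the choice of .62 for the Windows ".62/.63" entry are assumptions.

```python
import csv
import io

# Fixed builds copied from the affected-versions list; anything lower is affected.
FIXED = {
    ("extended", "mac"): "116.0.5845.188",
    ("extended", "linux"): "116.0.5845.188",
    ("extended", "windows"): "116.0.5845.187",
    ("stable", "mac"): "117.0.5938.62",
    ("stable", "linux"): "117.0.5938.62",
    # The list gives ".62/.63" for Windows; using .62 here is an assumption.
    ("stable", "windows"): "117.0.5938.62",
}

def parse_version(text):
    """Turn '117.0.5938.62' into (117, 0, 5938, 62); ValueError if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part Chrome version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(channel, platform, version):
    """True when version is below the fixed build for that channel/platform."""
    fixed = FIXED[(channel.strip().lower(), platform.strip().lower())]
    # Compare as integer tuples: as strings, "117.0.5938.9" sorts above ".62".
    return parse_version(version) < parse_version(fixed)

def audit(inventory_csv):
    """Return (affected_hosts, unchecked_hosts) for a CSV inventory."""
    affected, unchecked = [], []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        try:
            if is_affected(row["channel"], row["platform"], row["version"]):
                affected.append(row["host"])
        except (KeyError, ValueError):
            unchecked.append(row["host"])  # unknown build: needs a manual look
    return affected, unchecked

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """host,platform,channel,version
ws-01,windows,stable,117.0.5938.62
ws-02,windows,stable,116.0.5845.187
mac-01,mac,extended,116.0.5845.187
lnx-01,linux,stable,117.0.5938.9
lnx-02,linux,extended,116.0.5845.188
kiosk-01,windows,extended,unknown
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Hosts whose version string cannot be parsed are reported separately rather than treated as patched.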

CERT-In highlighted that one of these vulnerabilities, identified as CVE-2023-4863, is currently being actively exploited in the wild. Therefore, users are strongly advised to patch their vulnerable devices without delay.


Google has already taken action to address these security concerns and has released updates and security fixes that contain patches and solutions for these issues. In a blog post, Google stated, "The Stable and Extended stable channels have been updated to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. The Extended Stable channel has been updated to 116.0.5845.188 for Windows and 116.0.5845.187 for Mac, which will roll out over the coming days/weeks."

In light of this, users are strongly encouraged to update their Chrome browsers immediately to safeguard their systems and data from potential cyber threats.