Google Chrome users are warned by the Indian government of being vulnerable to cyberattacks due to multiple vulnerabilities existing in the browser. The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team (CERT-In) has issued an online advisory to recommend users to update the Chrome browser to avoid targeted attacks, where a hacker could gain access to their systems by using an arbitrary code. The vulnerabilities in question were fixed by Google in Chrome 98 earlier this month. The nodal agency has categorised the severity of the issues as “high”.
The agency said that Google Chrome versions prior to 98.0.4758.80 are affected by the vulnerabilities.
“These vulnerabilities exist in Google Chrome due to Use after free in Safe Browsing, Reader Mode, Web Search, Thumbnail Tab, Strip, Screen Capture, Window Dialogue, Payments, Extensions, Accessibility, and Cast; Heap buffer overflow in ANGLE; Inappropriate implementation in Full Screen Mode, Scroll, Extensions Platform and Pointer Lock; Type Confusion in V8; Policy bypass in COOP and Out of bounds memory access in V8,” the advisory noted.
At the time of announcing the last release, Google said that access to bug details and links might be kept restricted until a majority of users do not update Chrome browser on their systems.
“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” it added.
Google Chrome gets automatic updates in the background. However, users with a vulnerable Chrome release can manually download the update by going to Chrome > About Google Chrome. Once the update is downloaded, you will need to relaunch the browser to have its latest version completely installed.