In a recent development, the Indian Computer Emergency Response Team (CERT-In) has issued a high-priority security warning for users of Google Chrome, signaling potential risks of hacking. The warning focuses on multiple critical vulnerabilities in Google Chrome versions, emphasizing the urgency for users to take immediate actions to secure their systems.
Vulnerability Overview:
The vulnerabilities, categorized with a severity rating of HIGH, impact Google Chrome versions prior to 121.0.6167.160/161 for Windows and versions prior to 121.0.6167.160 for Mac and Linux systems. These vulnerabilities arise from “Use after free in Mojo” and “Heap buffer overflow in Skia,” posing risks of remote attackers executing arbitrary code, causing denial of service (DoS) conditions, and disclosing sensitive information stored on the targeted system.
Potential Impact:
If exploited, these vulnerabilities could lead to severe consequences, including unauthorized execution of arbitrary code, disruption of services through DoS attacks, and unauthorized access to sensitive information stored on affected systems. Given the widespread use of Google Chrome globally, the potential impact of these vulnerabilities on user data and system security is significant.
Recommended Action:
To mitigate the risks associated with these vulnerabilities, CERT-In strongly recommends users to promptly apply the necessary updates provided by Google. Users are urged to upgrade their Google Chrome installations to version 121.0.6167.160/161 for Windows and version 121.0.6167.160 for Mac and Linux systems. This swift action is crucial to protecting against potential exploitation of these critical vulnerabilities.
Users are advised to stay vigilant and adopt proactive measures to safeguard their systems from potential cyber threats. Regularly updating software applications, especially web browsers, is essential to ensure the security and integrity of personal and organizational data. Staying informed and promptly addressing security advisories, such as this one, empowers users to actively contribute to maintaining a secure online environment.
