Important: Fix Google Chrome Now to Stay Safe from Cyber Attacks
Google Chrome desktop versions face severe security risks. Indian CERT recommends urgent updates to fix remote code execution and denial-of-service vulnerabilities.
image for illustrative purpose
The Indian Computer Emergency Response Team (Cert-In) has flagged multiple critical security flaws identified in Google Chrome for desktop platforms, urging users and organizations to update their browsers immediately.
Cert-In’s advisory highlights that several high-risk vulnerabilities affect Google Chrome versions released before 137.0.7151.55 on Linux, and versions earlier than 137.0.7151.55/56 for Windows and macOS. These flaws, if exploited, may enable attackers to run unauthorized code remotely or cause denial-of-service (DoS) attacks, impacting system stability and security.
The vulnerabilities stem from issues such as use-after-free bugs in the browser’s compositing and libvpx components, implementation errors in the Background Fetch API, FileSystemAccess API, Messages, BFCache, and Tab Strip features, alongside an out-of-bounds write weakness within the V8 JavaScript engine.
Attackers could exploit these weaknesses by tricking users into visiting maliciously crafted websites, potentially leading to arbitrary code execution or system crashes.
Cert-In recommends that all end-users and organizations employing Google Chrome on desktops prioritize installing the latest updates as released by Google. Applying these patches is vital to safeguarding systems from potential cyber threats linked to these vulnerabilities.
