Indian CERT-In Warns Of High-Severity Risks In Google Chrome: Urgent Action Required

India's Computer Emergency Response Team (CERT-In) has issued a high-severity alert regarding Google Chrome, warning users of potential vulnerabilities that compromise sensitive data. CERT-In highlights that various security flaws exist within specific Chrome versions, potentially exposing users to phishing attacks, data breaches, and malware threats.

The vulnerabilities encompass areas such as V8 Type Confusion, Web Payments API, and WebRTC, enabling attackers to exploit heap buffer overflow and integer overflow. Of particular concern is the ability of attackers to manipulate users into visiting malicious websites, granting them control over devices and personal information.

CERT-In lists several vulnerabilities, including CVE-2023-4068 to CVE-2023-4078, affecting Google Chrome versions prior to 115.0.5790.170/.171 for Windows, and prior to 115.0.5790.170 for Linux and Mac. To mitigate risks, users are urged to update to the latest version of Chrome by visiting 'Help' > 'About Google Chrome'. This automatic update will restart the browser.

In addition to updating, users are advised to exercise caution when browsing, employ strong password managers, enable two-factor authentication, limit online information sharing, keep software updated, and utilize firewalls and antivirus software. Overall, prompt action is imperative to ensure the security of systems and sensitive data.