Warning! Update Google Chrome now before it gets too late
The Ministry of Electronics raised a high warning for Google Chrome users alerting a severe security risk associated with the browser which could potentially lead to comprising sensitive information.
The potential risks may include malware infections, data breaches, and phishing attacks, as several vulnerabilities occurred in the browser. CERT-IN also released specific versions of the browser that are potentially leaked to the vulnerability.
Google Chrome under emergency!
The Computer Emergency Response Team of the Indian Government aka CERT-IN (2) an agency that operated for the Ministry of Electronics and Information Technology (3), on Wednesday released a warning of concern for Google Chrome users (4).
The report released stated that specific versions of the browser are exposed to multiple vulnerabilities that could potentially leak users toward severe comprises such as data breaches, phishing attacks, etc., to which the ministry announced a threat call to users to update their browsers.
Possible Risks
Google Chrome's specific versions are exposed to multiple vulnerabilities that could lead an attacker to completely breach your data and take control of your system including all the credentials, payment passwords, etc.
The possible areas of risk that are spotted with vulnerabilities include prompts, Vulkan, Web Payments API, WebRTC, Video, and Swiftshader with more possible concerns attached to exploit via heap buffer overflow in a Video or PDF.
Why do such vulnerabilities exist in Google Chrome?
- Type Confusion in V8
- Heap buffer overflow in Visuals
- Usage after free in Blink Task Scheduling
- Out of bounds read and write in WebGL
- Cast and Web RTC Out of bounds memory access in ANGLE
- Insufficient data validation in Extensions and Inappropriate implementation in Extensions
The worst factor of the existence of these vulnerabilities is that an attacker could easily trick you to launch a website or open a link and then take control of all your data, asset, or rather the entire system.
Vulnerabilities highlighted by CERT-IN
- CVE-2023-4068
- CVE-2023-4069
- CVE-2023-4070
- CVE-2023-4071
- CVE-2023-4072
- CVE-2023-4073
- OVE-2023-4074
- CVE-2023-4075
- CVE-2023-4076
- CVE-2023-4077
- CVE-2023-4078
Exposed Google Chrome Version to multiple vulnerabilities
- Mac/Linux: 115.0.5790.170 prior versions
- Windows: 115.0.5790.170 & 115.0.5790.171 prior versions
The agency also addressed further that exploitation could lead attackers to unlock and execute arbitrary code and even bypass security restrictions or create a denial-of-service condition targeted to your system and crash old of your operations.
The agency advised users for updating their Chrome to the latest version, fast as possible since Google already addressed these issues in the new update.
How to Update Google Chrome?
Here's how to update Google Chrome before it gets too late and you are exposed to the multiple vulnerabilities identified by CERT-In.
- Launch Google Chrome.
- Select the always-visible three dots in the right corner.
- Now select "help" and then click "about Google Chrome."
- If your system supports the new update chrome will automatically start downloading and then install it to your system.
- Once it is installed, chrome will feature an auto-restart, and you are safe from the multiple vulnerabilities identified by CERT-In.
How to manually update Google Chrome?
Here's how to manually update Google Chrome if the auto-update is not working on your system.
- Launch Google Chrome.
- Select the always-visible three dots in the right corner.
- Now select "help" and then click "about Google Chrome."
- Now click "check for updates."
- If there is any new version it will showcase, all you have to do is manually click download and install, and done.
- After that, Google Chrome will restart and then your system will start running the latest version of Google Chrome.
How to safeguard yourself from online vulnerabilities?
Here are a few points to be noted that will help you stay safe from any future vulnerabilities and ease you off the last-moment panic and hunting for solutions.
- Never click unnecessary links or open/reply to unknown emails.
- Antivirus and not useless, use them to stay safe.
- Never force open any website if the gateway is mentioned as not safe.
- Always keep your OS and system up-to-date.
- Always enable 2FA wherever possible.
Make sure to note down all the steps and points we mentioned in the informative post and be safe from any future vulnerabilities to occur.