Google Chrome customers should replace it as quickly as potential.
CERT-In is again with yet one more alert within the type of a number of ‘high’ threat vulnerabilities present in Google Chrome. Here’s what you could know.
India Government’s Computer Emergency Response Team or CERT-In retains sending out alerts, warning the lots about numerous vulnerabilities which are found in shopper-grade merchandise—be it Android or iOS, Mac, or Windows. Now, it’s again with yet one more alert within the type of a number of ‘high’ threat vulnerabilities present in Google Chrome.
CVE-2024-1283 and CVE-2024-1284 are the Google Chrome vulnerabilities in query right here.
What’s The Risk?
Being excessive-threat vulnerabilities, they’re inclined to be exploited by a distant attacker to “execute arbitrary code,” which is principally a denial of service (DoS) assault, and this, in flip, can be utilized to steal delicate info from the goal pc simply.
Further, CERT-In mentioned, “These vulnerabilities exist in Google Chrome due to Use after free in Mojo and Heap buffer overflow in Skia. A remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system.”
Who Is Affected And How To Be Safe?
These Google Chrome vulnerabilities exist in each Google Chrome for Windows variations 122.0.6167.160/161 and earlier than, and Google Chrome for Mac and Linux model 122.0.6167.160 and earlier than.
To be protected, customers should obtain the newest out there software program replace for Google Chrome on whichever platform they’re on. Google has listed the safety fixes right here that include the secure channel replace.
In associated information, CERT-In, final week, had additionally warned customers about vulnerabilities that had been present in Android OS as properly. These vulnerabilities have an effect on Android variations 11, 12, 13, and 14, and that they exist inside the framework, system, arm parts, and MediaTek parts, Unisoc parts, Qualcomm parts, and Qualcomm shut-sourced parts.
