Update Google Chrome browser immediately: CERT-In
Several vulnerabilities were recently discovered in Google Chrome browser for Windows, mac and Linux platforms. If you are using the Chrome browser version older than 88.0.4324.146 then it is highly advisable that you update to the latest version immediately. The Indian Computer Emergency Response Team (CERT-In) has also issued a high severity rating advisory asking users to update.
“Multiple vulnerabilities have been reported in Google chrome which could be exploited by an attacker to execute arbitrary code on the targeted system,” CERT-In said in its advisory.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, could view, change, or delete data in the targeted system, it added.
Explaining the problem, CERT-In said, “Multiple vulnerabilities exist in Google Chrome due to Use after free in Payments, Heap buffer overflow in Extensions, Heap buffer overflow in Tab Groups, Use after free in Fonts, Use after free in Navigation, Inappropriate implementation in Skia and Heap buffer overflow in V8. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.”
Google acknowledged that the new update includes six security fixes that were contributed by external researchers.
Meanwhile, Google has rolled out the beta version of Chrome 89. The upcoming update will have several new features including Privacy Sandbox. Chrome 89 is said to come with changes to the Discover feed on the New Tab Page but mostly in design elements. Google is set to replace the cards in which articles are listed with dividers. The font is also said to be bigger and the description on the card has also been removed.
“Multiple vulnerabilities have been reported in Google chrome which could be exploited by an attacker to execute arbitrary code on the targeted system,” CERT-In said in its advisory.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, could view, change, or delete data in the targeted system, it added.
Explaining the problem, CERT-In said, “Multiple vulnerabilities exist in Google Chrome due to Use after free in Payments, Heap buffer overflow in Extensions, Heap buffer overflow in Tab Groups, Use after free in Fonts, Use after free in Navigation, Inappropriate implementation in Skia and Heap buffer overflow in V8. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.”
Google acknowledged that the new update includes six security fixes that were contributed by external researchers.
Meanwhile, Google has rolled out the beta version of Chrome 89. The upcoming update will have several new features including Privacy Sandbox. Chrome 89 is said to come with changes to the Discover feed on the New Tab Page but mostly in design elements. Google is set to replace the cards in which articles are listed with dividers. The font is also said to be bigger and the description on the card has also been removed.
All Comments (0)+^ Back to Top
Refrain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks, name calling or inciting hatred against any community. Help us delete comments that do not follow these guidelines by marking them offensive. Let's work together to keep the conversation civil.
HIDE