Indian agency CERT-In issues ‘high severity’ advisory for Google Chrome users

According to CERT-In, Google Chrome users should immediately update the Chrome browser to avoid targeted attacks. The agency noted that only Chrome versions prior to 98.0.4758.80 are affected by the vulnerabilities.  “These vulnerabilities exist in Google Chrome due to Use after free in Safe Browsing, Reader Mode, Web Search, Thumbnail Tab, Strip, Screen Capture, Window Dialogue, Payments, Extensions, Accessibility, and Cast; Heap buffer overflow in ANGLE; Inappropriate implementation in Full Screen Mode, Scroll, Extensions Platform and Pointer Lock; Type Confusion in V8; Policy bypass in COOP and Out of bounds memory access in V8,” the advisory read.

Meanwhile, the vulnerabilities were fixed by Google in Chrome 98 earlier this month. The nodal agency in its advisory categorised the severity of the issues as “high”.

Here’s how you can manually update Google Chrome:

1)Go to Chrome

2)Click on ‘About Google Chrome’

3)Check for updates

4)Once the update is  installed, you will need to relaunch the browser to its latest version.

CERT-In is the nodal agency within the Ministry of Electronics and Information Technology of the Government of India. It deals with cyber security threats like hacking and phishing. It aims to strengthens security-related defence of the Indian Internet domain.

It should be noted that CERT-In has always been circumspect of Google Chrome in the past as well. Earlier, the agency came down heavily on the availability of certain extensions on the chrome store. Meanwhile in 2020, the CERT-In had asked Google Chrome users to uninstall certain extensions that were caught collecting “sensitive” user data.