India Government’s Computer Emergency Response Team or CERT-In keeps sending out alerts, warning the masses about various vulnerabilities that are discovered in consumer-grade products—be it Android or iOS, Mac, or Windows. Now, it is back with yet another alert in the form of multiple ‘high’ risk vulnerabilities found in Google Chrome.
CVE-2024-1283 and CVE-2024-1284 are the Google Chrome vulnerabilities in question here.
What’s The Risk?
Being high-risk vulnerabilities, they are susceptible to be exploited by a remote attacker to “execute arbitrary code,” which is basically a denial of service (DoS) attack, and this, in turn, can be used to steal sensitive information from the target computer easily.
Further, CERT-In said, “These vulnerabilities exist in Google Chrome due to Use after free in Mojo and Heap buffer overflow in Skia. A remote attacker could exploit these vulnerabilities by sending a specially crafted request on the targeted system.”
Who Is Affected And How To Be Safe?
These Google Chrome vulnerabilities exist in both Google Chrome for Windows versions 122.0.6167.160/161 and before, and Google Chrome for Mac and Linux version 122.0.6167.160 and before.
To be safe, users must download the latest available software update for Google Chrome on whichever platform they are on. Google has listed the security fixes here that come with the stable channel update.
In related news, CERT-In, last week, had also warned users about vulnerabilities that were found in Android OS as well. These vulnerabilities affect Android versions 11, 12, 13, and 14, and that they exist within the framework, system, arm components, and MediaTek components, Unisoc components, Qualcomm components, and Qualcomm close-sourced components.
Comments
0 comment