The Indian Computer Emergency Response Team (CERT-In) has flagged multiple, severe security vulnerabilities in Google's Chrome web browser and has urged users to update the software.
In an advisory, CERT-In — a cybersecurity agency that comes under the Union Ministry of Electronics and Technology — has highlighted 25 "high severity" vulnerabilities that could be exploited malicious actors and has advised users to update to
Google Chrome version 101.0.4951.41.
"Multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions and cause buffer overflow on the targeted system," CERT-In said in the note.
Also read:
The agency said the vulnerabilities could have been caused to a host of reasons, including — but not limited to — free use of Vulkan (an open standard for 3D graphics and computing), as well as exploits in SwiftShader (which implements the Vulkan graphics Application Programming Interface, or API), ANGLE (a JavaScript API embedded into the backend of Chrome), device APIs, sharing, and file system APIs.
Google recently rolled out the critical update to fix vulnerabilities in its flagship browser, which potentially put 3.2 billion users at risk. The update addresses problems faced by users on the Windows, macOS and Linux platforms.
The vulnerabilies also affect browsers that utilise Google's free, open-source web browser software, such as Brave and Microsoft Edge.
First Published: May 2, 2022 6:31 PM IST