Data Breach News

Chrome Vulnerabilities: India Warns Users To Update Systems

The country’s cybersecurity watchdog CERT-In has urged Chrome users to update their browsers immediately to protect against potential attacks.

by Krishna Murthy August 13, 2024 in Governance, Cybersecurity News, Firewall Daily, Press Release, Vulnerabilities

Share on LinkedInShare on Twitter

The Indian Computer Emergency Response Team (CERT-In), the government agency responsible for cybersecurity in the country, has issued a high-severity warning about multiple Google Chrome vulnerabilities that could potentially allow hackers to take control of your computer if you’re using an outdated version of the browser.

CERT-In identified multiple vulnerabilities in Google Chrome for desktops. These weaknesses, if exploited by malicious actors, could grant them the ability to run harmful code on your device.

Google is aware of these issues and has already rolled out a software update that fixes the vulnerabilities. Users need to update their Chrome browser to the latest version to patch these security holes.

Affected Google Chrome Versions

Cert-In asked Google Chrome users to update their browsers to versions 127.0.6533.99/.100 (for Windows and Mac) and 127.0.6533.99 (for Linux) to prevent themselves from being affected by this security flaw.

Older versions of Google Chrome include these vulnerabilities that can be exploited by hackers, the report noted.

How Can Hackers Exploit These Security Flaws

The Cert-In warning states that “multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code on the targeted system.” These vulnerabilities exist in Google Chrome due to “Heap buffer overflow in Layout; out-of-bounds memory access in ANGLE, use after free in sharing and web audio and type confusion and inappropriate implementation in V8.”

The report also warns that “an attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system.”

Update Chrome on PCs, Macs: Cert-In

Google Chrome users who access the browser on the web from their Macs and PCs need to update it to the latest version to stop hackers from exploiting the security flaws present in the older versions.

Last week, in a blog post, Google confirmed that the security update for Windows and Mac has already been rolled out to stable users, while the update for Linux users will be available in the coming days or weeks.

Cert-In Warns Businesses About Major Microsoft Security Issue

Cert-In has also recently warned businesses in India that Microsoft’s major enterprise suite called Dynamics 365 is facing a major security risk that can put millions of companies at risk. The warning comes with a high severity rating, which means businesses should attend to it right away.

The CERT-In bulletin says, “A vulnerability has been reported in Microsoft Dynamics 365 which could allow a remote attacker to gain elevated privilege on the targeted system.”

The security bulletin further explains the cause for the security risk and how it could impact systems. “The vulnerability exists due to weak authentication in Microsoft Dynamics 365. An attacker could exploit this vulnerability by bypassing the authentication process on the targeted system,” the note adds.

Microsoft has already been informed about the issue and the company seems to have issued a patch that should clear up the vulnerability. The CERT-In post says the Dynamics 365 Field Service (on-premises) v7 series is the version that is affected by the security risk and the update needs to be installed for systems running on this Dynamics 365 version right away.

Recently, the cybersecurity agency also issued a warning for users using Android smartphones powered by Qualcomm and MediaTek chipsets. It noted that the impacted smartphones are operating on Android versions 12, 12L, 13, and 14.

Moreover, a “severe” warning was also issued by the cybersecurity agency to Apple users who own iPhones, iPads, Macs, and more regarding multiple vulnerabilities.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button