Google Chrome threat alert: These users at ‘high risk’ of hacking, government warns

People using Google Chrome for desktop have been warned about multiple vulnerabilities that can enable hackers to gain control of their devices, as per a recent ‘High Risk’ threat warning from the country’s cyber agency Indian Computer Emergency Response Team (CERT-In).

These chinks in the armour could let an attacker execute an arbitrary code remotely and bypass the security on the targeted system, the CERT-In advisory said. Those affected are Google Chrome versions prior to 104.0.5112.101.

"These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API," it said.

Hackers could send requests to a person which is specialised to exploit these security flaws. CERT-In also suggested the solution for users at risk.

"The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently," said the agency.

READ | Multi-crore instant loan application and extortion racket with China link busted, over 100 apps involved

(With inputs from agencies)