People using Google Chrome for desktop have been warned about multiple vulnerabilities that can enable hackers to gain control of their devices, as per a recent ‘High Risk’ threat warning from the country’s cyber agency Indian Computer Emergency Response Team (CERT-In).
These chinks in the armour could let an attacker execute an arbitrary code remotely and bypass the security on the targeted system, the CERT-In advisory said. Those affected are Google Chrome versions prior to 104.0.5112.101.
"These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API," it said.
Hackers could send requests to a person which is specialised to exploit these security flaws. CERT-In also suggested the solution for users at risk.
"The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently," said the agency.
READ | Multi-crore instant loan application and extortion racket with China link busted, over 100 apps involved
(With inputs from agencies)
.