The government has warned users about multiple vulnerabilities on the Google Chrome desktop application that could enable hackers to gain access to sensitive information and bypass security restrictions.
In a note released by the Indian Computer Emergency Response Team (CERT-In), the nodal agency for cybersecurity threats, the government has urged Chrome users to update their browsers to avoid security breaches. Google also acknowledged the loopholes within the browser and released an update.
CERT-In said in the note that the vulnerabilities allowed attackers to remotely execute arbitrary code on the browser and cause buffer overflow on the targeted system. Buffer overflow is an attempt to write more data to a fixed length memory block to corrupt the software.
“A vulnerability has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system,” CERT-In warned in its advisory.
“What’s worrying is that the vulnerability is already exploited by hackers and Google Chrome users are highly recommended to update immediately.”
The agency assigned a ‘high’ severity rating to the security issues.
Google also acknowledged the issues covered by the Indian agency in a blog post last month. It released the Chrome version 101.0.4951.41 for macOS, Windows, and Linux with 29 security fixes.
CERT-In had recently issued a similar advisory for users of Mozilla Firefox. It had found several security vulnerabilities that could be used to bypass security restrictions and conduct spoofing attacks, execute arbitrary code, and obtain sensitive information.