Google Chrome users, CERT-In has an important alert for you

By: |
Published: July 21, 2020 12:10 PM

CERT-In has been circumspect of Google Chrome in the past as well and has come down heavily on the availability of certain extensions on the chrome store.

Detailing the cause of these loopholes in Google Chrome, CERT-In laid the blame on heap buffer flow, side-channel information leakage, type confusion and an inappropriate implementation in WebRTC among others.

Issuing an alert, the Indian Computer Emergency Response Team (CERT-In) has asked the users of Google Chrome browser to update the browsing app as soon as possible to avoid any misconduct on their data. The CERT-In has asked the Chrome users to update their app if they are using the browser version released before Google Chrome version 84.0.4147.89. The emergency response team has graded the possible vulnerabilities on Chrome’s older version with high severity and has laid out an advisory to help users in prevention from possible infringement of data privacy.

The agency for maintaining Indian cyberspace security has issued the latest guidelines on account of multiple vulnerabilities in Google Chrome that could potentially enable remote attackers in executing arbitrary code, bypassing security restrictions, accessing sensitive information along with conducting spoofing attack, and denial of services (DoS) on the target systems.

Detailing the cause of these loopholes in Google Chrome, CERT-In laid the blame on heap buffer flow, side-channel information leakage, type confusion and an inappropriate implementation in WebRTC among others.

CERT-In has been circumspect of Google Chrome in the past as well and has come down heavily on the availability of certain extensions on the chrome store. Earlier this month, the CERT-In had asked Google Chrome users to uninstall certain extensions that were caught collecting “sensitive” user data. The federal cyber-security agency had recommended that users uninstall Google Chrome extensions with IDs given in section IOCs (organizational chart). The CERT-In had also suggested users to visit the Chrome extensions page and assess if they have in the past installed any extensions now found to be malicious.

CERT-In had also stated that some extensions included code to circumvent Google Chrome ‘s security scans on the Web store. The malicious extensions were able to take screenshots, read the clipboard, harvest authentication cookies or capture passwords and other confidential information with user keystrokes

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1Digital holds the key for every industry facing existential crisis: LC Singh, Director, Nihilent
2William English, co-creator of computer mouse, passes away aged 91 in California
3Whatsapp chats on Android will soon get 138 new emojis; here are the details