Highlights:
• Warning issued for users of the Google Chrome operating system
• The Indian Computer Emergency Response Team (CERT-In) has issued a ‘high severity’ warning
The Ministry of Electronics and Information Technology’s Indian Computer Emergency Response Team (CERT-In) has issued a ‘high severity’ warning for Google Chrome users. The government’s cybersecurity team has issued a warning to users running Google Chrome OS versions prior to 96.0.4664.209. Multiple vulnerabilities in the OS have been reported, according to the warning, which can be exploited by a remote attacker to execute arbitrary code on the targeted system.
This means that an attacker can use a Google Chrome OS device to execute commands or code without the user’s permission. Although Google Chrome OS has a small market share in the country, it is gradually attracting more users, especially since the release of Chrome OS Flex.
What the government agency has to say about Google Chrome OS
“These vulnerabilities exist in Google Chrome OS due to Heap buffer overflow in V8 Internationalization; Use after free in Sharesheet, Performance Manager, Performance APIs,” according to the CERT-In warning. Insufficient validation of untrusted input in Data Transfer and out of bounds memory access in UI Shelf have been reported as vulnerabilities in dev-libs/libxmi2. An attacker could execute arbitrary code on the targeted system if these vulnerabilities are successfully exploited.
What Google Chrome OS users can do to stay safe
Google releases updates for its products, including Chrome OS, on a regular basis to keep users safe from cybercriminals. Later last month, the tech giant released build 96.0.4664.209 to address the OS’s vulnerabilities. To avoid being exploited, CERT-In recommends that users install the most recent version of Google Chrome OS.
Aside from that, CERT-In has issued an advisory for Mozilla product users.
