The Computer Emergency Response Team of India (CERT-IN) has issued a critical advisory to Google Chrome users, alerting them to several newly identified vulnerabilities that pose a significant risk. According to CERT-IN, these vulnerabilities can be exploited by remote attackers to gain illegal access to users’ systems. Tracked as CIVN-2024-0282, the flaws have been discovered in Chrome versions prior to 128.0.6613.119/.120 for Windows and macOS, and versions prior to 128.0.6613.119 for Linux.
The problems identified, tagged under the CVE Identifiers CVE-2024-8362 and CVE-2024-7970, are attributed to “use-after-free” bugs in Chrome’s Web Audio component. These flaws provide cybercriminals with the opportunity to infiltrate systems, potentially allowing them to execute arbitrary commands without user consent. Such access could result in attackers taking full control of the affected machine, allowing them to steal sensitive data, install malware, or use the system to carry out additional cyberattacks.
CERTIFICATE He stressed the seriousness of the vulnerabilities, noting that attackers could exploit them by tricking users into visiting maliciously crafted websites. This type of attack, known as a drive-by download, occurs when a user is directed to a compromised web page, with no additional interaction required from the user for the system to be compromised. Users are therefore urged to be careful about the websites they visit and the links they click on, especially those from unknown or suspicious sources.
In response, Google has already issued patches to fix these bugs and CERTIFICATE strongly recommends that users update their browsers to the latest version immediately.
The version update 128.0.6613.119/.120 Version 128.0.6613.119 for Linux and Windows contains security improvements that address these vulnerabilities. Users can apply the update by going to “Help” > “About Google Chrome,” where the browser will automatically download and install the latest version. Additionally, CERT-IN recommends keeping anti-virus software up to date, enabling automatic browser updates, and regularly backing up data to mitigate potential damage from any security breach.
3.6 million Indians visited us in a single day and chose us as India’s undisputed platform for the general election results. Explore the latest updates here!
Stay up to date with the latest updates on Apple Event 2024Discover everything you need to know about the iPhone 16, iPhone 16 Pro, iPhone 16 Pro Maxand iPhone 16 Plus.
Published: 06 Sep 2024, 23:09 IST
Disclaimer
The information contained in this post is for general information purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the post for any purpose.
We respect the intellectual property rights of content creators. If you are the owner of any material featured on our website and have concerns about its use, please contact us. We are committed to addressing any copyright issues promptly and will remove any material within 2 days of receiving a request from the rightful owner.