
Update Chrome immediately! These flaws can compromise your sensitive information
What's the story
The Indian Computer Emergency Response Team (CERT-In) has issued a warning about critical vulnerabilities in the desktop version of Google Chrome.
The security flaws, which have been classified as high-risk, could potentially let cybercriminals gain unauthorized access to your system and compromise your sensitive information.
CERT-In recommends all Chrome users to quickly update their browsers to the latest version for best protection.
Vulnerability details
Detailed explanation of the vulnerabilities
CERT-In explained in a statement, "Multiple vulnerabilities exist in Google Chrome due to inappropriate implementation in Custom Tabs, Intents, Extensions, Navigations, Autofill, and Downloads."
It further added that a remote attacker might exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage.
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system.
Impact
CERT-In identifies affected software versions
The CERT-In warning notes that the issue impacts Chrome versions older than 135.0.7049.52 on Linux and 135.0.7049.41/42 on Windows and macOS.
The vulnerabilities are linked with different features of Chrome, like downloads, autofill, extensions, and website navigation capabilities.
The alert is applicable for anyone using Chrome on their home/office computers, as it could risk personal data or break the computer with crashes/instability.
Procedure
How to update Google Chrome?
To protect from these vulnerabilities, users are advised to update their Chrome browsers right away. CERT-In has confirmed that Google has issued updates to fix these security issues.
To do so, open Chrome on your laptop, click three dots on the top-right corner, head over to "Help," and click on "About Google Chrome."
The browser will automatically check for updates and begin downloading if one is available. Then, click "Relaunch" to restart the browser with latest security fixes in place.