CERT-In Warns of Critical Security Flaws in Google Chrome – Urges Immediate Update

The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity advisory, alerting users about multiple critical vulnerabilities in Google Chrome across Windows, macOS, and Linux platforms. These security flaws could allow cybercriminals to execute arbitrary code, bypass security protections, steal sensitive data, or launch denial-of-service (DoS) attacks.

Who Is at Risk?

The vulnerabilities affect Google Chrome versions prior to 133.0.0043.59/.99 on Windows and macOS, and versions before 133.0.6943.98 on Linux. Users running outdated versions are at a higher risk of system breaches and remote exploits.

Nature of the Security Flaws

CERT-In reports that these vulnerabilities arise due to inappropriate implementations in Payments, Downloads, and WebApp provider, along with insufficient data validation in USB, integer overflow issues, and incorrect security UI in Downloads and Picture-in-Picture (PiP) mode. Additionally, flaws related to use-after-free errors in Printing, Profiles, Reading Mode, and the Side Panel have been identified.

Potential Threats

If exploited, these vulnerabilities could:

• Grant hackers remote control over affected systems
• Enable malware installation and data theft
• Cause denial-of-service (DoS) attacks

How to Stay Protected?

CERT-In strongly advises users to update Chrome immediately:

• Open Chrome and click on the three-dot menu (top-right corner).
• Go to Help > About Google Chrome.
• Chrome will automatically check for updates and install them.
• Restart Chrome to apply security patches.

Source: Financial Express