Alert for Google Chrome Users; version ending with 76/.77 may invite possible threat
As highlighted by CERT-In, Google Chrome users are facing urgent security risks, prompting the need for immediate action to protect devices. Identified vulnerabilities in versions preceding 125.0.6422.76/.77 could enable hackers to gain control, steal data, and install malware. CERT-In has issued a high-risk warning, urging users to update their browsers promptly. Several critical vulnerabilities pose serious threats, allowing hackers to exploit devices fully. These security flaws could lead to data theft, malware installation, and potential attacks on other systems.
Outlined in CERT-In’s advisory (CIVN-2024-0170), vulnerabilities include heap buffer overflow in ANGLE and Dawn, use after free in Scheduling, and type confusion in V8. A heap buffer overflow occurs when a program exceeds allocated memory, potentially leading to crashes or unauthorized code execution. Similarly, use after free occurs when accessing freed memory, leading to crashes or malicious code execution. Type confusion in V8 results from data type discrepancies, enabling attackers to inject harmful code. The affected Chrome versions require immediate patching to mitigate risks. Google has released patches for versions earlier than 125.0.6422.76/.77 for Windows and Mac and 125.0.6422.76 for Linux. Users are strongly advised to update their browsers to the recommended versions promptly.
Additionally, enhancing browser security involves enabling automatic updates and installing security extensions to enforce secure connections, block harmful content, and manage script execution. Regularly clearing browsing data and exercising caution with unknown links or attachments can further reduce risks. Turning off non-essential browser plugins minimizes the attack surface, as cyber attackers often exploit these plugins. By following these measures, Chrome users can effectively safeguard their devices and personal information from the threats posed by these critical vulnerabilities.
[Image Source: LiveMint]