The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning for Google Chrome users, advising them to immediately update their browsers to address newly discovered security vulnerabilities. The warning impacts users on Windows, macOS, and Linux operating systems.

What's the Threat?

CERT-In has flagged multiple security flaws within Google Chrome that could allow remote attackers to compromise a user's system. These vulnerabilities stem from issues such as inappropriate implementations in Chrome's Extensions, type confusion errors in the V8 engine, and out-of-bounds write vulnerabilities. The V8 engine is crucial as it processes JavaScript and WebAssembly, which are fundamental to modern website functionality. If exploited, these flaws could enable attackers to execute arbitrary code, gain unauthorized access to sensitive user data (including passwords and financial information), and potentially take control of the affected system. A specially crafted request from a hacker could be enough to compromise a browser.

Which Chrome Versions Are Affected?

The warnings generally apply to Chrome versions released before specific build numbers. For example, one warning applied to versions before 130.0.6723.69 for Windows and Mac, and the same version number for Linux. Another warning targeted versions earlier than 139.0.7258.138. Because the specific affected versions vary depending on the particular vulnerability being addressed, users should ensure they are running the latest stable version of Chrome to be protected against all known threats.

How to Stay Safe

The most critical step is to update Google Chrome to the latest version. To do this:

1. Open Google Chrome.
2. Click on the three dots (Menu) in the upper right-hand corner.
3. Go to Help > About Google Chrome.
4. Chrome will automatically check for updates and install them.
5. Relaunch the browser to apply the updates.

CERT-In classifies the threat level as "High," emphasizing the serious nature of these security issues. This highlights the need for immediate action to mitigate potential risks. All users of Google Chrome, whether for personal or business use, are advised to verify their Chrome version and update accordingly. By taking these steps, users can ensure they have the latest security patches and are protected against potential exploits.