Cybersecurity Agency CERT-In has warned Google Chrome users of potential hacking activities. The agency has asked users to update their Google Chrome browsers in order to stop hackers from accessing control and also compromising the safety of their machines.
A report by IANS claims that Chrome version 84.0.4147.89 comes with 38 fixes and improvements against vulnerabilities which can be exploited by hackers.
“Multiple vulnerabilities have been reported in Google Chrome that could allow remote attacker to execute arbitrary code, bypass security restrictions, access sensitive information, contact spoofing attack and denial of service (DoS) attack on the targeted system,” the Computer Emergency Response Team-India (CERT-In) warned in its latest advisory.
The new vulnerabilities were spotted by external security researchers. According to the researchers, the issues exist due to heap buffer overflow, side-channel information leakage, type Confusion, inappropriate implementation in WebRTC, use after free, policy bypass, insufficient policy enforcement, incorrect security UI (user interface), etc.
“A remote attacker could exploit these vulnerabilities by creating a specially crafted webpage on the targeted system,” said the CERT-In advisory. The advisory claims that the current solution is to upgrade to Chrome 84.0.4147.89.
Recently, a newly discovered spyware effort attacked users through 32 million downloads of extensions to Google’s market-leading Chrome web browser. According to a Reuters’ report, researchers at Awake Security highlighted the tech industry’s failure to protect browsers as they are used more for email, payroll and other sensitive functions.
Alphabet Inc’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers last month.