Update Google Chrome immediately: Government shares critical warning for users

The Indian Computer Emergency Response Team has sounded a warning for Google Chrome users. The cybersecurity watchdog has identified several security bugs in the desktop versions of the popular browser.

These vulnerabilities may allow cybercriminals to steal data from targeted users, gain access and execute various types of attacks on affected Mac, Windows, and Linux systems. Along with the latest warning, the government agency has also shared a solution to avoid these risks. The agency has suggested that downloading software patches or updates and applying them immediately can help users effectively close security loopholes on affected platforms.

What Cert-In said about Google Chrome's security flaw

In a statement, Cert-In said: "Multiple vulnerabilities have been reported in Google Chrome for Desktop, which could be exploited by a remote attacker to execute arbitrary code, obtain sensitive information, gain elevated privileges, spoofing and bypass security restriction on the targeted system."The agency also noted that this is a high-severity warning and shared the list of Google Chrome versions that remain affected. Here's the list:

The agency also noted that these security flaws can affect "all end-user organizations and individuals using Google Chrome for Desktop."

These vulnerabilities have "high risk of remote code execution, privilege escalation or unauthorised access to sensitive data," and have "potential for system compromise, data theft or service disruption."Explaining the vulnerabilities, Cert-In wrote: “Multiple vulnerabilities exist in Google Chrome due to Type Confusion and Race in V8; Inappropriate implementation in Google Updater, DevTools, Downloads, Split View, WebRTC, Password; Use after free in Digital Credentials, Media Stream; Bad cast in Loader. A remote attacker could exploit these vulnerabilities by persuading the victim to visit a specially crafted web page. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, obtain sensitive information, gain elevated privileges, spoofing and bypass security restriction on the targeted system."V8 helps the Chrome browser run JavaScript and forms a bridge between the technical code of computers and readable text. Cert-In has recommended that Google Chrome users update to the latest version immediately.