Google has started to roll out ‘milestone’ Chrome 100 update this week. The version brings in new design and features. With the update, Google Chrome also gets a new logo with the latest update. Apart from this, the new version also contains a number of fixes and improvements, a few of which can be exploited by a remote attacker to execute arbitrary code and access sensitive information on the targeted system. As per a latest high-severity warning issued by the Computer Emergency Response Team (CERT-In), under the IT ministry. Users of Google Chrome version prior to 100.0.4896.60 may be under high risk.
As per the warning, multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code and access sensitive information on the targeted system
“These vulnerabilities exist in Google Chrome due to Use after free in Portals, QR Code Generator, Cast UI, WebRTC, Shopping Cart, Tab Strip, File Manager, WebUI and Extensions; Heap buffer overflow in WebUI; Insufficient validation of untrusted input in WebOTP; Type Confusion in V8; Heap buffer overflow in WebUI; Inappropriate implementation in Web Share API, Full Screen Mode, Virtual Keyboard, Extensions, Web Cursor, Background Fetch API and Resource Timing. An attacker could exploit these vulnerabilities by sending specially crafted request.” the advisory reads.
To avoid any exploitation, the CERT-In wants Google Chrome users to update to version 100.0.4896.60. To know how to update your Chrome browser, you can follow these steps:
As per the warning, multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code and access sensitive information on the targeted system
“These vulnerabilities exist in Google Chrome due to Use after free in Portals, QR Code Generator, Cast UI, WebRTC, Shopping Cart, Tab Strip, File Manager, WebUI and Extensions; Heap buffer overflow in WebUI; Insufficient validation of untrusted input in WebOTP; Type Confusion in V8; Heap buffer overflow in WebUI; Inappropriate implementation in Web Share API, Full Screen Mode, Virtual Keyboard, Extensions, Web Cursor, Background Fetch API and Resource Timing. An attacker could exploit these vulnerabilities by sending specially crafted request.” the advisory reads.
To avoid any exploitation, the CERT-In wants Google Chrome users to update to version 100.0.4896.60. To know how to update your Chrome browser, you can follow these steps:
- Open Google Chrome browser on your device.
- Tap on the three-dot icon.
- Go to help.
- Tap on About Google Chrome.
- You will be able to see the version of your Chrome browser in the next window. If an update is available, will also be able to spot an update button.
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.