In our digital era, web browsers are vital for online activities, and securing them is crucial. CERT-In’s recent warning about Google Chrome vulnerabilities highlights the need for safeguarding our digital access points. These issues are a serious threat, as hackers could use them to access your data, leading to potential breaches and system security risks.
In this blog, we’ll explore CERT-In’s important warning and the risks it brings to your online safety. We’ll also share steps to keep your device and data secure. As our digital world becomes more connected, securing your web browser is crucial for protecting your online activities and personal information.
Understanding the High-Risk Warning
The CERT-In Vulnerability Note CIVN-2023-0295, released on October 11, 2023, highlights a series of high-severity vulnerabilities in Google Chrome. These vulnerabilities fall into the ‘High’ severity category and are located in various aspects of the browser’s functionality.
Some of the issues identified include “Use after free” flaws in Site Isolation, Blink History, and Cast, as well as improper implementations in features like Fullscreen, Navigation, DevTools, Intents, Downloads, Extensions API, Autofill, Installer, and Input. Additionally, a heap buffer overflow vulnerability was discovered in the handling of PDF files.
Affected Chrome Versions
If you’re a Google Chrome user, it’s important to check if your version is vulnerable to the identified threats. Keeping your browser updated is the initial measure to secure your online activities on Google Chrome.
The following Chrome versions are vulnerable to these flaws:
i) Google Chrome versions prior to 118.0.5993.70/.71 for Windows
ii) Google Chrome versions prior to 118.0.5993.70 for Mac and Linux
CERT-In strongly advises users to update their systems immediately. Fortunately, Google has swiftly responded to the warning and released updates to address these vulnerabilities.
Here’s how you can update your Google Chrome:
i) Open Chrome.
ii) Click on the three dots at the top right (More).
iii) Go to Help.
iv) Select About Google Chrome.
v) If an update is available, Chrome will automatically download it.
vi) When the update is downloaded, click ‘Relaunch’ to activate it.
To keep your Google Chrome experience smooth and secure on your Android device, access the Play Store and initiate the update process for the browser. Regular updates ensure you have the latest features for secure browsing experience.
In a proactive measure to enhance digital security, the Indian government, in collaboration with CERT-In, is providing free tools designed to safeguard devices from the growing threats of malware and malicious bots. These tools empower users to maintain the integrity of their systems and protect their sensitive data.
These tools include:
i) eScan CERT-IN Bot Removal: Available on the Google Play Store.
ii) M-Kavach 2: Developed by C-DAC Hyderabad.
iii) Free Bot Removal Tool: Available at csk.gov.in.
You can access these malware detection tools through the Cyber Swachhta Kendra portal, which provides users with essential information and tools to secure their systems and devices. In this ever-evolving digital landscape, staying informed and taking action is crucial for a secure and enjoyable online experience.