Update Google Chrome browser immediately: CERT-In – Times of India
Several vulnerabilities were recently discovered in Google Chrome browser for Windows, mac and Linux platforms. If you are using the Chrome browser version older than 88.0.4324.146 then it is highly advisable that you update to the latest version immediately. The Indian Computer Emergency Response Team (CERT-In) has also issued a high severity rating advisory asking users to update.
“Multiple vulnerabilities have been reported in Google chrome which could be exploited by an attacker to execute arbitrary code on the targeted system,” CERT-In said in its advisory.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, could view, change, or delete data in the targeted system, it added.
Explaining the problem, CERT-In said, “Multiple vulnerabilities exist in Google Chrome due to Use after free in Payments, Heap buffer overflow in Extensions, Heap buffer overflow in Tab Groups, Use after free in Fonts, Use after free in Navigation, Inappropriate implementation in Skia and Heap buffer overflow in V8. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.”
Google acknowledged that the new update includes six security fixes that were contributed by external researchers.
Meanwhile, Google has rolled out the beta version of Chrome 89. The upcoming update will have several new features including Privacy Sandbox. Chrome 89 is said to come with changes to the Discover feed on the New Tab Page but mostly in design elements. Google is set to replace the cards in which articles are listed with dividers. The font is also said to be bigger and the description on the card has also been removed.