The Indian government issued an advanced notice to all desktop users of Google Chrome, indicating some severe security vulnerabilities that could expose systems to cyberattacks. The alert issued by the Indian Computer Emergency Response Team (CERT-In) called on users to update their browsers immediately and avoid falling victim to remote exploitation by hackers.
The vulnerabilities identified in versions of Google Chrome prior to 131.0.6778.204/.205 (for Windows and Mac) and 131.0.6778.204 (for Linux) are particularly worrying because they can be exploited by cybercriminals to take control of devices, execute malicious code, or even cause a denial-of-service (DoS) attack.
CERT-In has classified these vulnerabilities with a “high” severity risk, urging both individual and organizational users to take immediate action.
Root Problem: Bugs in the V8 JavaScript Engine for Chrome
The security vulnerabilities arise from bugs in Chrome’s V8 JavaScript engine, which executes dynamic content on websites. The bugs include problems such as Type confusion, out-of-bounds memory access, and use-after-free errors, which can be exploited by attackers. Once these vulnerabilities are triggered, they allow attackers to remotely access a victim’s system, steal sensitive information, or even crash the browser completely.
Since Google Chrome is one of the most popular browsers used in India, the risk is high for personal and commercial users alike. The potential of attackers exploiting these flaws could compromise confidential data, leading to financial losses, identity theft, or system instability.
What’s at Risk?
Unless the loopholes are closed, the flaws will leave vulnerable users’ private data and entire systems vulnerable to critical threats. Because Google Chrome happens to be the default browser of millions of Indians, the destruction is potentially great. Data leaks, system crashes, and even other harmful operations may affect private individuals and corporates alike-from personal data to corporate networks.
Government Advisory: What to Do
CERT-In has strongly advised all affected users to update their Google Chrome browsers as soon as possible. Here’s how you can secure your device:
1. Open Google Chrome.
2. Click on the settings menu (three vertical dots in the top right corner).
3. Go to Help> About Google Chrome**.
4. Chrome will automatically check for updates and install them.
5. Restart the browser to ensure that the update has taken effect.
Once the update is done, users will be protected from the vulnerabilities that have been flagged by the government. The latest stable version of Google Chrome is 131.0.6778.204/.205 for Windows and Mac, and 131.0.6778.204 for Linux.
These risks are severe because an attacker might exploit these vulnerabilities to execute arbitrary code, gain unauthorized access or data theft, or even remotely control a device. For organizations, the prospect of data breaches and system instability is frightening since it might impact not only individual systems but entire networks, putting organizations at further risk for cyberattacks.
ALSO READ: Spotify Under Fire As ‘Pornographic’ Videos Surface In Search Results For Rapper M.I.A