Update Google Chrome now! Critical vulnerabilities found in web browser
What's the story
The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning over a remote code execution vulnerability in Google Chrome for desktop. The flaw, which affects versions older than 141.0.7390.122/.123 on Windows and macOS, and 141.0.7390.122 on Linux, could let attackers run arbitrary code on a user's system. This could potentially lead to full system compromise or service disruption.
Technical details
Vulnerability exists in Chrome's V8 engine
The vulnerability stems from a flawed implementation in Chrome's V8 engine, a core part of the browser that runs JavaScript code. A remote attacker could exploit this flaw by sending specially crafted web requests that trigger unintended program behavior. If successfully exploited, it could let an attacker run arbitrary code with the same privileges as the logged-in user, leading to complete system takeover or disruption of essential services.
Advisory
Update Chrome to latest version immediately
In light of this vulnerability, CERT-In has urged all users and organizations to update their Chrome browser to the latest version as soon as possible. The agency also recommends enabling automatic updates and checking the official Chrome security advisories for future patches against similar high-risk vulnerabilities. Google has confirmed that a fix is included in its Stable Channel Update for Desktop released yesterday.