The Indian Computer Emergency Response Team (CERT-In) has warned Google Chrome desktop users of multiple vulnerabilities enabling attackers to execute arbitrary code and bypass restrictions on the targeted systems. CERT-In is an agency under the Union Ministry of Electronics and Information Technology.
According to CERT-In, these vulnerabilities exist in Google Chrome due to issues in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; heap buffer overflow in downloads, insufficient validation of untrusted input in intents, insufficient policy enforcement in cookies and inappropriate implementation in extensions API.
“The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently,” the agency added.
Google Chrome users prior to version 104.0.5112.101 are at risk. The agency advised users to update the browser version. The agency had earlier warned Apple Watch users of security flaws.
Here is how to check the version of Google Chrome
Step 1: Open the Google Chrome browser.
Step 2: Select ‘Help’ from the three-dot menu and click ‘About Google Chrome.’
Step 3: The page will show details of the Chrome version. You can update the browser and relaunch it.