The Indian Computer Emergency Response Team of the Ministry of Electronics and Information Technology being vulnerable to cyber attacks due to various vulnerabilities present in the chrome browser. Multiple vulnerabilities have been found in the Google Chrome browser and could be exploited by cybercriminals to execute arbitrary code on the target PC.
Google Chrome is the most used browser in the country, both on mobile phones and computers. According to the CERT-In, Attackers might exploit the browser to execute arbitrary code on users’ systems. The Ministry of Electronics and Information Technology of India has found a number of defects in the browser that might permit an attacker to filch users’ personal information or install malware on a device.
Fixing of Chrome vulnerabilities with an update:
Google has released updates to fix these issues and patches and fixes bugs. The details of the bug fixes have been kept under wraps until a majority of the active Google Chrome users update their software to avail themselves of the upgraded security.
Google Chrome users are advised to update their software on an urgent basis to secure their devices. The updated versions – Chrome 98.0.4758.80/81/82 for Windows and 98.0.4758.80 for macOS and Linux; these new versions get the latest fixes.
The details of the vulnerabilities fixed are as follows:
|CVE-2022-0452||Use after free in Safe Browsing||High|
|CVE-2022-0453||Use after free in Reader Mode||High|
|CVE-2022-0454||Heap buffer overflow in ANGLE||High|
|CVE-2022-0455||Inappropriate implementation in Full Screen Mode||High|
|CVE-2022-0456||Use after free in Web Search||High|
|CVE-2022-0457||Type Confusion in V8||High|
|CVE-2022-0458||Use after free in Thumbnail Tab Strip||High|
|CVE-2022-0459||Use after free in Screen Capture||High|
|CVE-2022-0460||Use after free in Window Dialog||Medium|
|CVE-2022-0461||Policy bypass in COOP||Medium|
|CVE-2022-0462||Inappropriate implementation in Scroll||Medium|
|CVE-2022-0463||Use after free in Accessibility||Medium|
|CVE-2022-0464||Use after free in Accessibility||Medium|
|CVE-2022-0465||Use after free in Extensions||Medium|
|CVE-2022-0466||Inappropriate implementation in Extensions Platform||Medium|
|CVE-2022-0467||Inappropriate implementation in Pointer Lock||Medium|
|CVE-2022-0468||Use after free in Payments||Medium|
|CVE-2022-0469||Use after free in Cast||Medium|
|CVE-2022-0470||Out of bounds memory access in V8||Low|