Which Chrome versions are affected?
The vulnerabilities affect Chrome versions prior to the following updates:
- Chrome < 142.0.7444.59 for Linux
- Chrome < 142.0.7444.59/60 for Windows and Mac
- Chrome < 142.0.7444.60 for macOS
If your browser is running an older version, it needs to be updated immediately.
What is the alert about?
According to CERT-In, several vulnerabilities have been identified across Chrome's internal components, including:
V8 engine issues – Type Confusion, Race Conditions, Out-of-Bounds that read:
- Use-after-free in PageInfo and Ozone
- Weaknesses in extensions, autofill, media handling & storage
- Incorrect UI security in Omnibus and Fullscreen modes
- Policy bypass bugs
What does this mean in easy words?
These are serious weaknesses within core Chrome systems: the JavaScript engine, browser UI, extensions, and media modules. If you open a hostile web site without even knowing it:
- Your browser may execute malicious code
- Attackers could bypass Chrome's security protections
- Fake UI screens may pop up to steal passwords
- Sensitive data in your browser could be accessed
- This can, in serious cases, compromise your entire system.
Basically, an attacker can hijack your browsing session or even the device itself.
How to stay safe?
According to CERT-In, all users are advised to take immediate action:
- Update Chrome immediately: Google has already released a security patch.
You can update Chrome by visiting:
- Menu
- Help
- About Google Chrome
- Update
2. Keep away from suspicious sites: Do not click on unknown links sent via SMS, email, or social media.
3. Allow auto-updates: Keep Chrome up to date automatically to continue to protect your system.
About The Author
Comment List