Beware! Google Chrome users are at risk, here’s what to do now

Several security vulnerabilities were reported in Google Chrome, with which users were prone to hacking attacks. But luckily, Google was quick and has now released an updated Chrome version that fixes these issues. In response to this update, India’s Computer Emergency Response Team (CERT-In) and the United States Cyber ​​Security Agency (CISA) have asked users to update to the latest version of Chrome. Also Read – How To Turn On Dark Mode On Google Chrome

Security vulnerabilities detected on Google Chrome

According to a Google post, there were seven security vulnerabilities in Chrome and four of which were deemed critical. These vulnerabilities allow hackers to exploit and control affected systems. Also Read – Google’s On-Device Machine Learning Will Help You Block Pop-ups & More

“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on a target system,” said an advisory from the nodal agency. Also Read – CERT-In Flags Bug In Chrome OS, Mozilla Products That Could Allow Attackers To Gain Access To Your Data

Fortunately, the newly updated version of Google Chrome with version number 102.500005.115 has fixed these issues. These issues were reported over the past few weeks and finally, Google has pushed out an update for Chrome on Windows, Mac and Linux.

While Google hasn’t disclosed the key details of these vulnerabilities, it has shared their tracking numbers. Google tracks four of the extremely severe vulnerabilities as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010 and CVE-2022-2011.

CVE-2022-2007 is a use-after-free (UAF) vulnerability that exists in APIs from WebGPU. This was first reported by David Manoucheri on 2022-05-17.

On the other hand, CVE-2022-2008 is classified as out-of-bounds memory access in WebGL and was reported by Khangkito on 2022-04-19.

CVE-2022-2010 is classified as read out of bounds in compositing, while CVE-2022-2011 is classified as free after use in ANGLE. Both were reported last month by Mark Brand and Seonghwan Park (Sehwa) of Google Project Zero.

Although Google has publicly listed these reported vulnerabilities in its blog post, there is no public access to check all of their details.

CERT-In and CISA have urged users to update to the latest version of Google Chrome to prevent hacking attacks or other issues.

Leave a Comment