Government issues critical warning for Chrome users: Steps you need to take now

The Computer Emergency Response Team of India (CERT-In), operating under the Ministry of Electronics and Information Technology (MeitY), has issued a high-severity alert for users of Google Chrome on desktop platforms. The cybersecurity agency warns that outdated versions of Chrome on Windows, macOS, and Linux are being actively targeted by cyber attackers.

What’s the concern?

According to CERT-In, Chrome versions earlier than 136.0.7103.113/.114 on Windows and macOS, and earlier than 136.0.7103.113 on Linux, contain several security flaws. These vulnerabilities could potentially be exploited by attackers. The issues arise from:

• Insufficient policy enforcement in the browser’s loading mechanism

• Improper handling in Mojo, a core component responsible for inter-process communication in Chromium-based browsers

CERT-In warns that all individuals and organizations using Google Chrome could be potential targets of these exploits.

What’s at risk?

CERT-In cautions that the vulnerabilities in Google Chrome could enable a remote attacker to execute arbitrary code, effectively allowing them to take control of a user’s system. This could result in:

• Exposure of sensitive information
• Compromise of the system’s integrity
• Installation of malware or spyware without the user’s knowledge

CERT-In also highlights that one of the vulnerabilities is especially serious, as it is actively being exploited in real-world attacks, making it an urgent and high-priority threat.

What should you do?

The positive news is that Google has already addressed these issues in the latest desktop version of Chrome. CERT-In strongly urges all users and organizations to immediately update their Chrome browser to the most recent version to protect against potential attacks.