Finance
The Indian Computer Emergency Response Team (CERT-In) has issued a high-level alert to Google Chrome users across the country. According to the government’s cyber security organization, the flaws might affect millions of Chrome users, as well as those running Windows, Mac, and Linux.
According to CERT-In, Google Chrome for desktop contains numerous vulnerabilities that a remote attacker might leverage to execute arbitrary code on the user’s PC. According to the cybersecurity organization, these vulnerabilities exist in Google Chrome for a variety of causes, including improper initialization and insufficient data utilization in dawn, as well as out-of-bounds read in WebTransport.
Giving reasons behind the vulnerabilities in an advisory dated August 7, CERT-In noted, “These vulnerabilities exist in Google Chrome for Desktop due to Uninitialized use in dawn; Out of bounds read in WebTransport and Insufficient data validation in dawn. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted request.”
The attackers reportedly make innocent users click on website links with malicious software that can bypass your device security and steal data.
Google Chrome Versions Affected By Security Issue
– Google Chrome versions prior to 127.0.6533.88/89 for Windows and Mac
– Google Chrome versions prior to 127.0.6533.88 for Linux
Most PC users, including those running Windows, Mac, and Linux, use Chrome as their preferred browser. As a result, they should be cautious about these types of vulnerabilities and avoid clicking on links provided in emails or downloading files from unknown sources.
What should a Google Chrome user do?
To stay safe and avoid data theft they should update Google Chrome to the latest available software update. You can update Chrome by heading to the three-dot menu on Chrome >> Settings >> About >> Update Chrome.
Security experts are calling it the 0.0.0.0 flaw that is linked to the IP address to your network. Hackers use this IP address to make the network to allow them to access any private network of a targeted identity which leaves their data and devices at major risk.
Apple Safari and Google Chrome working on resolving critical security flaw:
Meanwhile, a recent but separate Forbes report indicated that Apple and Google are attempting to remedy a significant security flaw that has existed in their web browsers for years. This vulnerability, associated with the IP address 0.0.0.0, is apparently being used by cybercriminals to compromise devices and steal personal data.
According to Forbes, this security flaw could have persisted for up to 18 years, but developers only recently discovered it. Researchers from the Israeli cybersecurity firm Oligo discovered the problem, which has been dubbed a “zero-day vulnerability” due to the absence of prior notice and prompt repair.
The hack, termed the “0.0.0.0-day attack” by Oligo AI security researcher Avi Lumelsky, involves malicious websites delivering potentially destructive requests over the 0.0.0.0 IP address. If a user mistakenly clicks on a malicious link, attackers may get unauthorized access to sensitive data on their device.
Although this problem mostly affects individuals and companies who maintain their own web servers, the potential impact on compromised systems is enormous, and experts warn that this security issue should not be overlooked.
In a single day, 3.6 crore Indians chose us as India’s indisputable platform for General Election Results.
Source:Mint
