Google Chrome: India’s cyber security agency CERT-In (Indian Computer Emergency Response Team) has issued a big alert on Thursday. The agency said that several serious security flaws have been found in the Google Chrome desktop browser and GitLab, the platform used by developers.
By taking advantage of these vulnerabilities, cyber criminals can steal user data, run arbitrary code on the system and carry out various types of attacks. CERT-In has also informed that both Google and GitLab have released security patches and updates for these problems which are advised to be installed immediately.
Security vulnerabilities in Google Chrome
According to CERT-In, many technical flaws have been revealed in the desktop version of Google Chrome. These problems are especially in its JavaScript engine which runs the code on websites. If these vulnerabilities are misused, it can affect both the performance and security of the browser.
These include major problems.
- Use After Free errors in PageInfo, Ozone and Storage
- Policy Bypass vulnerabilities in extensions
- Out of Bounds Read issue in V8 and WebXR
The V8 engine is an important part of Chrome that runs websites by converting JavaScript into the technical language of computers. The agency has warned that any remote attacker can take advantage of these vulnerabilities by sending a special website link to users. Through this, hackers can steal sensitive information, bypass security or run arbitrary code on the system.
Flaws found in GitLab
CERT-In also reported that some serious security vulnerabilities were found in both GitLab Community and Enterprise Editions. These problems are related to access control management, that is, the system was not able to properly control which user could access which features.
Due to these vulnerabilities, application testing tools and software verification systems can be affected. If a hacker takes advantage of these vulnerabilities, he can bypass security layers or crash the system, making it temporarily unavailable to users.
What should users do
CERT-In has advised all Chrome and GitLab users to update their software immediately and avoid clicking on any suspicious websites or links. By doing this, cyber attacks through these security vulnerabilities can be protected.
Also read:
From cleaning the house to cooking! This humanoid robot does all the household work, know how much it costs
