In a recent development, the Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning concerning vulnerabilities detected in Google Chrome OS. The security alert, designated as CIVN-2024-0031 and released on February 8, 2024, emphasizes the critical nature of the risks associated with versions of Google Chrome OS preceding 114.0.5735.350 on the LTS channel.
CERT-In has pinpointed vulnerabilities in Google Chrome OS that could potentially be exploited by remote attackers, allowing them to execute arbitrary code, attain elevated privileges, circumvent security restrictions, or induce denial of service conditions on impacted systems. The root causes of these vulnerabilities lie in a “use after free” flaw within the Side Panel Search feature and inadequate data validation in extensions. These issues pose a significant threat to system integrity, making it imperative for users to address them promptly.
The security agency highlights that remote attackers can exploit these vulnerabilities by luring users to visit specially crafted web pages, activating the identified vulnerabilities upon access. To address these concerns, CERT-In strongly advises users to update their Google Chrome OS to version 114.0.5735.350 or later, as these updates include crucial patches addressing the identified vulnerabilities.
CERT-In’s Recommended Actions:
- Users are urged to exercise caution while browsing the internet, especially when encountering unfamiliar or suspicious websites.
- Avoid interacting with links from untrusted sources or unsolicited emails and messages.
- Implement security best practices, including the use of reputable antivirus software, regular updates of software and applications, and enabling firewalls for enhanced defense mechanisms against potential threats.
In conjunction with the warning, CERT-In has initiated a “Cyber Swachhta Fortnight” from February 1 to 15, 2024, aimed at securing cyberspace from botnets, which pose a significant threat to end-user systems. As part of this campaign, CERT-In, in collaboration with eScan, has introduced the ‘Cyber Swachhta Kendra’ (CSK), providing the eScan Botnet Scanning & Cleaning Toolkit for laptops, desktops, and smartphones.
Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.
Here’s your comprehensive 3-minute summary of all the things Finance Minister Nirmala Sitharaman said in her Budget speech: Click to download!
Download The Mint News App to get Daily Market Updates & Live Business News.
More
Less
Published: 09 Feb 2024, 07:19 PM IST
In a recent development, the Indian Computer Emergency Response Team (CERT-In) has issued a high-severity warning concerning vulnerabilities detected in Google Chrome OS. The security alert, designated as CIVN-2024-0031 and released on February 8, 2024, emphasizes the critical nature of the risks associated with versions of Google Chrome OS preceding 114.0.5735.350 on the LTS channel.
CERT-In has pinpointed vulnerabilities in Google Chrome OS that could potentially be exploited by remote attackers, allowing them to execute arbitrary code, attain elevated privileges, circumvent security restrictions, or induce denial of service conditions on impacted systems. The root causes of these vulnerabilities lie in a “use after free” flaw within the Side Panel Search feature and inadequate data validation in extensions. These issues pose a significant threat to system integrity, making it imperative for users to address them promptly.
The security agency highlights that remote attackers can exploit these vulnerabilities by luring users to visit specially crafted web pages, activating the identified vulnerabilities upon access. To address these concerns, CERT-In strongly advises users to update their Google Chrome OS to version 114.0.5735.350 or later, as these updates include crucial patches addressing the identified vulnerabilities.
CERT-In’s Recommended Actions:
- Users are urged to exercise caution while browsing the internet, especially when encountering unfamiliar or suspicious websites.
- Avoid interacting with links from untrusted sources or unsolicited emails and messages.
- Implement security best practices, including the use of reputable antivirus software, regular updates of software and applications, and enabling firewalls for enhanced defense mechanisms against potential threats.
In conjunction with the warning, CERT-In has initiated a “Cyber Swachhta Fortnight” from February 1 to 15, 2024, aimed at securing cyberspace from botnets, which pose a significant threat to end-user systems. As part of this campaign, CERT-In, in collaboration with eScan, has introduced the ‘Cyber Swachhta Kendra’ (CSK), providing the eScan Botnet Scanning & Cleaning Toolkit for laptops, desktops, and smartphones.
Milestone Alert!
Livemint tops charts as the fastest growing news website in the world 🌏 Click here to know more.
Here’s your comprehensive 3-minute summary of all the things Finance Minister Nirmala Sitharaman said in her Budget speech: Click to download!
Download The Mint News App to get Daily Market Updates & Live Business News.
More
Less
Published: 09 Feb 2024, 07:19 PM IST