On Friday, Computer Emergency Response Team (CERT-In) released notes on bugs affecting Chrome.
(For insights on emerging themes at the intersection of technology, business and policy, subscribe to our tech newsletter Today’s Cache.)
Rating them as high in severity, CERT-In stated that these bugs could be exploited by remote attackers.
The security bugs can allow cybercriminals to bypass security restrictions on the browser, execute arbitrary codes and cause denial of services on computer systems running vulnerable versions of the software.
According to vulnerability notes from CERT-In, these security flaws in Chrome existed due to use-after-free in CSS, which is an overview panel used by developers to preview properties of web pages.
Bugs detected in Use-after-free in Survey, media, assistant, import, logging and notifications in Chrome OS have also been detected.
Other security bugs have been found to exist due to insufficient validation of untrusted input in developer tools, insufficient policy enforcement in developer tools, and custom tabs.
Insufficient validation of untrusted input in VPN, full screen UI, intents and safe browsing have also been detected.
While releasing the update with security fixes, Google noted that details of some of the bugs have not been released as it will take some time for users to update to the stable version of the browser.
Google had released security fixes for bugs detected in its Chrome browser earlier in September as well.
