GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in depth coverage of Lok Sabha and Assembly elections

Some versions of Google Chrome browser may have weak security for desktop users

Vulnerabilities have also been detected due to insufficient validation or untrusted input in v8, an open source Java script and web assembly engine, and insufficient policy enforcement in extensions API

September 05, 2022 04:38 pm | Updated 04:38 pm IST

Nabeel Ahmed
Some versions of Google Chrome browser may have weak security for desktop users

Some versions of Google Chrome browser may have weak security for desktop users | Photo Credit: Reuters

Some versions of Chrome browser for desktop users may be prone to multiple vulnerabilities, according to Computer Emergency Response Team (CERT-In). The team noted on Monday that versions prior to 105.0.5195.52 could be vulnerable.

(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

CERT-In said vulnerabilities exist after free in network service, webSOL, layout, phonehub, browser tag, tab strip, splitscreen, passwords, sign-In flow heap buffer overflow in screen capture, WebUI, Exosphere and Window manager, inappropriate implementation in site isolation, Chrome OS lockscreen, pointer lock and frame sandbox.

Vulnerabilities have also been detected due to insufficient validation or untrusted input in v8, an open source Java script and web assembly engine, and insufficient policy enforcement in extensions API.

Attackers can exploit these vulnerabilities to execute arbitrary code on affected systems, thereby compromising their security. 

CERT-In also released notes for a security bypass vulnerability detected in Google Chrome. 

The high severity vulnerability has been found to exist due to insufficient data validation in Mojo and can be exploited by remote attackers by executing a specially crafted request. 

CERT-In noted that the vulnerability can be exploited by attackers to bypass security restrictions on affected systems, thereby compromising their safety.

Google in a blog also reported the vulnerability, stating that the stable channel has been updated to version 105.0.5195.102 and will be released for the public in the coming days.

The security bypass vulnerability was first shared by Google on September 2 after an anonymous user brought it to notice. 

This is the second time this month that CERT-In has released notes for vulnerabilities in Google Chrome. Earlier, multiple vulnerabilities were detected in Google Chrome OS that could be used by attackers to execute arbitrary codes or cause denial of services.

Related stories

Related Topics

technology (general)

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.