A security bug detected in the V8 engine, used in processing JavaScript, of Chromium-based internet browsers could impact the security of users. These include at least all desktop versions of Google Chrome, Microsoft Edge, Opera, Yandex Browser, Vivaldi, Brave, and others.
Detected by Google’s Threat Analysis Group (TAG), the security bug could be used by cybercriminals to infect users’ devices without any active action on the part of the user and can be exploited by luring users to visit a maliciously crafted website. The security bug can then be used to run arbitrary code on target computers.
The bug could also impact Electron-based applications, as the program exploiting it are essentially web pages opened in the Chromium built into the application, Kaspersky said in a blog post.
Since it is standard Google policy to not share details of a security bug until most users have updated their browsers, details of the security bug are yet to be made public. However, an exploit for the security bug has been detected, and it could have actively been exploited by cybercriminals.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
India’s Computer Emergency Response Team (CERT-In), has released notes for the security bug.
How to secure your browser?
For users the best possible way to ensure secure internet browsing is to use the latest versions of browsers, with updated security patches from publishers. Users should also ensure they regularly check for updates and download them from reliable sources.
Restarting a browser after updating is also important since updates take effect only when applications are restarted. Users should also be careful when visiting websites they are not familiar with, and avoid clicking on links from unverified sources.
Published - April 19, 2023 01:44 pm IST