Google Chrome OS has critical vulnerabilities, warns CERT-In

In a recent development, the Indian Computer Emergency Response Team (CERT-In) has flagged a critical alert regarding security vulnerabilities found in earlier versions of Google Chrome OS.

The security alert, identified as CIVN-2024-0031 and released on February 8, 2024, emphasises the crucial nature of the risks associated with Google Chrome OS versions preceding 114.0.5735.350 on the LTS channel.

Vulnerabilities and Associated Risks

CERT-In has identified vulnerabilities in Google Chrome OS that could potentially be exploited by remote attackers.

These vulnerabilities may allow the attackers to execute arbitrary code, gain elevated privileges, bypass security restrictions, or induce denial of service conditions on affected systems.

The root causes of these vulnerabilities are attributed to a "use after free" flaw within the Side Panel Search feature and inadequate data validation in extensions.

These issues pose a significant threat to system integrity, highlighting the urgency for users to address them promptly.

Recommended Actions for Users

To mitigate the risks associated with these vulnerabilities, CERT-In strongly advises users to update their Google Chrome OS to version 114.0.5735.350 or later.

This update includes crucial patches that specifically address the identified vulnerabilities. In addition to updating their systems, users are urged to exercise caution while browsing the internet, particularly when encountering unfamiliar or suspicious websites.

It is recommended to avoid interacting with links from untrusted sources or unsolicited emails and messages.

In addition to these specific measures, users are encouraged to implement security best practices.

This includes the use of reputable antivirus software, regular updates of software and applications, and enabling firewalls to enhance defense mechanisms against potential threats.

Also watch: Nothing Phone (2) gets another price cut ahead of Phone (2a) launch