CERT-In, India’s Cyber Agency has warned Google Chrome desktop users of multiple vulnerabilities that could allow hackers to take control of their devices.
These weaknesses could allow an attacker to execute arbitrary code remotely and bypass security on the targeted system, the CERT-In advisory said. Those affected are Google Chrome versions prior to 104.0.5112.101.
The Google Chrome team has identified and patched several high-severity security vulnerabilities that could have allowed attackers fetch data.
According to a report from CERT-In (The Indian Computer Emergency Response Team), these vulnerabilities arise from FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API.
Requests could by sent to people by hackers who are specialized in exploiting these security flaws. Cert-In advise that “The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently,”.