CERT-In has warned users about the issues and urged them to install the updated Chrome on their systems.
Chrome users are advised to install the latest update
Photo Credit: Unsplash/ Firmbee.com
Google has released Chrome version 102.0.5005.115 for Windows, Mac, and Linux. The new release fixes a total of seven security vulnerabilities — of which, four are marked highly severe. The update is rolling out to desktop users across Windows, macOS and Linux platforms over the coming days. India's Computer Emergency Response Team (CERT-In) and the United States Cybersecurity and Infrastructure Agency (CISA) have urged users to install the latest Chrome release on their systems to prevent the reported issues.
The four security issues that are rated with high severity are tracked as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, and CVE-2022-2011, as Google explained in a blog post.
The vulnerability that is tracked as CVE-2022-2007 is a Use-After-Free (UAF) vulnerability, which exists in the WebGPU to API and allows attackers to hack by exploiting incorrect use of dynamic memory. The CVE-2022-2008 flaw, on the other hand, results in out-of-bounds memory access in WebGL.
Chrome's compositing component is also found to have the CVE-2022-2010 issue, which is an out-of-bounds read vulnerability. The last high-risk vulnerability, CVE-2022-2011, is a use after free flaw in ANGLE engine abstraction layer.
Although Google has detailed the four highly severe issues, it has not provided public access to the details as a large number of users are yet to bring the fix.
"We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed," the company said.
In response to the public disclosure from Google, CERT-In has released a vulnerability note to urge users to install the latest update.
"Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system," the advisory by the nodal agency said.
The CISA has also encouraged users and administrators to apply the update on their systems.
Users can check for the latest release on their Windows, Mac, and Linux systems by going to Chrome > About Google Chrome. The update can also be installed by clicking on the three-dot button from the right-most corner and then Help > About Google Chrome.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.