CERT-In Issues High-Security Risks On Google Chrome

CERT-In has identified potential risks for users of Google Chrome that can lead to multiple vulnerabilities regarding their sensitive information. Read more.

chrome users beware

Are you a daily user of Google Chrome? More than a million people use Google Chrome for a wide range of activities, from searching for something basic to making secure transactions globally. However, India's Computer Emergency Response Team, a government authority, has raised a high alert for all Google Chrome users to prevent a mass security breach. The warning comes from discovering multiple vulnerabilities that could potentially open doors for hackers, spammers, and DDOS agents. CERT-In is urging Google Chrome to take immediate action regarding mitigation steps for these vulnerabilities.

What’s The Threat?

People use Google Chrome for various needs. While some do not require us to enter our sensitive information, a lot do. Considering the normalization of online transactions, data sharing, and exchange of sensitive information over the internet with a nothing-will-happen mindset, the CERT-In finds these vulnerabilities a grave threat. These vulnerabilities could bypass security gates, execute arbitrary code, or lead to denial of service actions without notice. These actions can cause multiple forms of harm, from spamming to leaking money and personal data to unsolicited markets.

According to sources, the flaws in Google Chrome’s various extensions in some of the versions include a Heap buffer overflow error in WebP, inappropriate implementation in Custom Tabs, Prompts, Input, Intents, Picture in Picture, and Interstitials, as well as insufficient policy enforcement in Downloads and Autofill. Cybercriminals can easily access the data using these flaws and take advantage.

Who Is At Risk?

While CERT-In has urged the Google team to take all the latest versions of the app in cognizance, a particular set of prior versions are prone to these threats easily.

CVE-2023-4863 is a vulnerability that’s being actively exploited in the wild.  The software versions of Google Chrome vulnerable to these are:

  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)
  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.187 (for Windows)
  • Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)
  • Google Chrome for Desktop versions prior to 117.0.5938.62/.63 (for Windows)

What Can You Do?

If you use Google Chrome to store personal and sensitive data, keeping them off the platform would be the best first step. For starters, remove all history, cookies, and personal data from the platform. Use a secure alternative payment gateway for transactions. The next step would be to update Google Chome to the latest version, automatically eliminating the security risks associated with prior versions. Use incognito mode to browse websites where you can potentially enter your personal data. Wait for the Google Chrome team’s notice regarding their steps, and try to minimize usage till then for preventive safety.

Manish <span>Content Strategist</span>
Written By
Manish Content Strategist

With a mixture of literature, cinema, and photography, Manish is mostly traveling. When he is not, he is probably writing another tech news for you!

Think Your Professional Journey
Deserves A Spot In Our 40 Under 40 Report?

Featured Blogs


Android Oreo Finally Comes to Unlocked HTC 10

4 min read  

The Oreo update came up with many features and surprises for Android users but never reached a major portion of the consumers yet. Most of the Android device manufacturers failed to enroll the fully-featured Android Oreo 8.0 to all of their devices.However, HTC is among the few companies that ke


Apple iOS 12.2 Update Is Out With Features Like Apple News Plus, And More

2 min read  

iOS 12.2 update is out now, and the new update is the second major update to the iOS 12 OS from Apple. Interestingly, the new update has been rolled out right after one month of the release of the last iOS update, i.e., iOS 12.1.4.iOS 12.2 has brought along a multitude of new features like new A


Amazon To Introduce Video Ads To Its Mobile App

2 min read  

Soon Amazon shoppers are going to get hit by video ads on their mobile apps. If we go by Bloomberg’s latest report, Amazon is bringing video ads to the mobile app on iOS and Android platforms.From the last couple of months, the Washington-based, multinational technology company was be


Tesla to Build Megafactory in China for Massive Battery Production

4 min read  

Tesla is set to open a new “Megafactory” in Shanghai, China, to manufacture massive batteries.This move will deepen the company's ties to the Chinese market despite previous criticism of its connections to the country. Tesla plans to produce 10,000 “megapacks” a year,

Featured Interviews


Interview With Coyote Jackson, Director of Product Management, PubNub

MobileAppDaily had a word with Coyote Jackson, Director of Product Management, PubNub. We spoke to him about his journey in the global Data Stream Network and real-time infrastructure-as-a-service company. Learn more about him.

MAD Team 4 min read  

Interview With Laetitia Gazel Anthoine, Founder and CEO, Connecthings

MobileAppDaily had a word with Laetitia Gazel Anthoine, Founder and CEO, Connecthings. We spoke to her about her idea behind Connecthings and thoughts about the company’s services.

MAD Team 4 min read  

Interview With Gregg Temperley, Founder Of ParcelBroker App

MobileAppDaily had a word with Gregg Temperley, Founder. We spoke to him about his idea behind such an excellent app and his whole journey during the development process.

MAD Team 4 min read  

Interview With George Deglin, CEO Of OneSignal

MobileAppDaily had a word with George Deglin, the CEO and co-founder of OneSignal, a leading customer messaging and engagement solution, we learn multiple facets related to customer engagement, personalization, and the future of mobile marketing.

MAD Team 4 min read  
MAD Originals
MAD Originals

Cut to the chase content that’s credible, insightful & actionable.

Get the latest mashup of the App Industry Exclusively Inboxed

  • BOTH
Join our expansive network, build connections and expand your brand presence.