CERT-In Issues High-Security Risks On Google Chrome

CERT-In has identified potential risks for users of Google Chrome that can lead to multiple vulnerabilities regarding their sensitive information. Read more.

chrome users beware

Are you a daily user of Google Chrome? More than a million people use Google Chrome for a wide range of activities, from searching for something basic to making secure transactions globally. However, India's Computer Emergency Response Team, a government authority, has raised a high alert for all Google Chrome users to prevent a mass security breach. The warning comes from discovering multiple vulnerabilities that could potentially open doors for hackers, spammers, and DDOS agents. CERT-In is urging Google Chrome to take immediate action regarding mitigation steps for these vulnerabilities.

What’s The Threat?

People use Google Chrome for various needs. While some do not require us to enter our sensitive information, a lot do. Considering the normalization of online transactions, data sharing, and exchange of sensitive information over the internet with a nothing-will-happen mindset, the CERT-In finds these vulnerabilities a grave threat. These vulnerabilities could bypass security gates, execute arbitrary code, or lead to denial of service actions without notice. These actions can cause multiple forms of harm, from spamming to leaking money and personal data to unsolicited markets.

According to sources, the flaws in Google Chrome’s various extensions in some of the versions include a Heap buffer overflow error in WebP, inappropriate implementation in Custom Tabs, Prompts, Input, Intents, Picture in Picture, and Interstitials, as well as insufficient policy enforcement in Downloads and Autofill. Cybercriminals can easily access the data using these flaws and take advantage.

Who Is At Risk?

While CERT-In has urged the Google team to take all the latest versions of the app in cognizance, a particular set of prior versions are prone to these threats easily.

CVE-2023-4863 is a vulnerability that’s being actively exploited in the wild.  The software versions of Google Chrome vulnerable to these are:

  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.188 (for Mac and Linux)
  • Google Chrome (Extended Stable Channel) versions prior to 116.0.5845.187 (for Windows)
  • Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)Google Chrome for Desktop versions prior to 117.0.5938.62 (for Mac and Linux)
  • Google Chrome for Desktop versions prior to 117.0.5938.62/.63 (for Windows)

What Can You Do?

If you use Google Chrome to store personal and sensitive data, keeping them off the platform would be the best first step. For starters, remove all history, cookies, and personal data from the platform. Use a secure alternative payment gateway for transactions. The next step would be to update Google Chome to the latest version, automatically eliminating the security risks associated with prior versions. Use incognito mode to browse websites where you can potentially enter your personal data. Wait for the Google Chrome team’s notice regarding their steps, and try to minimize usage till then for preventive safety.

Manish <span>Content Strategist</span>
Written By
Manish Content Strategist

With a mixture of literature, cinema, and photography, Manish is mostly traveling. When he is not, he is probably writing another tech news for you!

Think Your Professional Journey
Deserves A Spot In Our 40 Under 40 Report?

Featured Blogs


The Cluster of Advance Mobile World, Know Who Owns Whom

4 min read  

Yes, “internet technology” has made the world a global village, and it is now possible to reach anyone anywhere in the world at the click of a button.Mobile devices have played quite a significant role in this too. When you think back to the not-too-distant past when desktop computer


Ever Is Introducing An AI Facial Recognition Service To Detect Age, Gender And Emotions

4 min read  

Ever, the mobile app used by 11 million users across the globe to save and organize their digital photos is introducing an AI model. Yesterday, the company announced that its launchings Ever AI, a platform with visual intelligence abilities for the enterprise consumers.Ever AI consist of the var


'Pokémon GO' Players To Lay Their Hands On Big 'Ultra Bonus Unlock'

3 min read  

Pokemon GO is one of the best ever augmented reality mobile game available on the market, and thus, you just can’t ignore it. The game gave the pokemon lovers a chance to interact with them in real. Pokemon GO started off with around 150 species of Pokemon, and the game developers kept infusin


Instagram Gets QR Codes With New 'Nametag' Feature

3 min read  

Following people you just met is really baffling sometimes. You need to have their social presence information or their contact details for that sake. But what if you don’t have anything? You might have to wait long to get access to such information in order to follow them. Ahem, Instagram has

Featured Interviews


Interview With Coyote Jackson, Director of Product Management, PubNub

MobileAppDaily had a word with Coyote Jackson, Director of Product Management, PubNub. We spoke to him about his journey in the global Data Stream Network and real-time infrastructure-as-a-service company. Learn more about him.

MAD Team 4 min read  

Interview With Laetitia Gazel Anthoine, Founder and CEO, Connecthings

MobileAppDaily had a word with Laetitia Gazel Anthoine, Founder and CEO, Connecthings. We spoke to her about her idea behind Connecthings and thoughts about the company’s services.

MAD Team 4 min read  

Interview With Gregg Temperley, Founder Of ParcelBroker App

MobileAppDaily had a word with Gregg Temperley, Founder. We spoke to him about his idea behind such an excellent app and his whole journey during the development process.

MAD Team 4 min read  

Interview With George Deglin, CEO Of OneSignal

MobileAppDaily had a word with George Deglin, the CEO and co-founder of OneSignal, a leading customer messaging and engagement solution, we learn multiple facets related to customer engagement, personalization, and the future of mobile marketing.

MAD Team 4 min read  
MAD Originals
MAD Originals

Cut to the chase content that’s credible, insightful & actionable.

Get the latest mashup of the App Industry Exclusively Inboxed

  • BOTH
Join our expansive network, build connections and expand your brand presence.