The Indian government continues its efforts to keep users informed about significant security concerns across various platforms. Following recent warnings about iOS and Chrome issued to Apple and Google users, respectively, a new alert has been issued, this time targeting users of Google’s ChromeOS.
ChromeOS powers Chromebooks, offering an alternative to Windows for laptops with a focus on cloud applications. The latest security warning comes from the Indian Computer Emergency Response Team (CERT-In), and its high severity rating emphasizes the need for immediate action from affected individuals.
In its bulletin, CERT-In outlines the details of the issue and its potential impact on ChromeOS users: “Multiple vulnerabilities have been reported in ChromeOS which could be exploited by a remote attacker to execute arbitrary code on the targeted platform.”
The agency further elaborates on the nature of these vulnerabilities, pointing to an integer overflow in Skia and a use-after-free condition in Garbage collection, Mojo, and WebAudio components. An attacker could leverage these issues by convincing a victim to visit a specially crafted website.
The identified vulnerabilities affect Chrome devices running ChromeOS LTS channel versions prior to 114.0.5735.343. To mitigate the potential risks, users are advised to promptly update their devices to the latest software patch already provided by Google’s ChromeOS team.
CERT-In’s proactive approach to issuing security alerts and reaching out to the public underscores the importance of keeping users informed about potential risks and encouraging swift action to address vulnerabilities.