“Multiple vulnerabilities have been reported in Google chrome which could be exploited by an attacker to execute arbitrary code on the targeted system,” CERT-In said in its advisory.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, could view, change, or delete data in the targeted system, it added.
Explaining the problem, CERT-In said, “Multiple vulnerabilities exist in Google Chrome due to Use after free in Payments, Heap buffer overflow in Extensions, Heap buffer overflow in Tab Groups, Use after free in Fonts, Use after free in Navigation, Inappropriate implementation in Skia and Heap buffer overflow in V8. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted website.”
Google acknowledged that the new update includes six security fixes that were contributed by external researchers.
Meanwhile, Google has rolled out the beta version of Chrome 89. The upcoming update will have several new features including Privacy Sandbox. Chrome 89 is said to come with changes to the Discover feed on the New Tab Page but mostly in design elements. Google is set to replace the cards in which articles are listed with dividers. The font is also said to be bigger and the description on the card has also been removed.