The Indian government has issued an urgent warning to Android and Google Chrome users, urging them to update their devices to protect against high-risk vulnerabilities. The Indian Computer Emergency Response Team (CERT-In) has flagged these security issues, which could allow hackers to exploit devices, steal data, and even take full control. If you’re using an outdated version of Android or Google Chrome, it’s time to act fast.
CERT-In Alerts: Critical Vulnerabilities Identified
CERT-In issued two advisories, CIVN-2024-0319 and CIVN-2024-0318, detailing security vulnerabilities that could affect millions of devices. These vulnerabilities are classified as high-severity and pose serious threats, ranging from unauthorized data access to malware installation and remote code execution.
Google Chrome vulnerabilities include:
- Integer Overflow in the Layout Feature
- Inappropriate Implementation in the V8 JavaScript Engine
- Type Confusion in the V8 Engine
These weaknesses can be exploited through malicious websites designed to trick users into visiting infected pages. Once executed, hackers could gain unauthorized system access, steal sensitive data, and install malware.
Which Android Versions Are at Risk?
The vulnerabilities identified in Android are equally concerning, with core components such as Framework, System, and subcomponents from MediaTek and Qualcomm being exposed to potential exploitation. CERT-In’s warning highlights several Android versions that are vulnerable:
- Android 12
- Android 12L
- Android 13
- Android 14
- Android 15
Attackers exploiting these vulnerabilities can execute code with elevated privileges, compromise privacy, and steal sensitive data. Users on any of these Android versions are advised to check for security updates immediately.
Steps You Need to Take
Both Google Chrome and Android devices have received security patches to address these vulnerabilities. Here’s how you can protect yourself from potential cyberattacks:
How to Update Google Chrome
- Open Google Chrome and go to Settings.
- Click on “About Chrome” to check for updates.
- Install the latest version of Chrome.
- Current Stable Versions:
- Windows/Mac: 129.0.6668.100
- Linux: 129.0.6668.89
- Current Stable Versions:
These updates are crucial to preventing malicious websites from exploiting known vulnerabilities.
How to Update Android Devices
- Open Settings on your Android device.
- Go to System Updates under the “About” section.
- Check for any available updates and install them immediately.
Google has started rolling out patches as part of its regular security bulletins, ensuring that users stay protected. CERT-In advises users to install updates as soon as they are released to minimize the risk of cyberattacks.
Why Immediate Action is Crucial
Hackers actively exploit vulnerabilities like those identified in these advisories, which makes immediate action essential. If left unpatched, these flaws could result in:
- Remote Code Execution: Attackers could control your device remotely.
- Data Breach: Sensitive personal information could be exposed.
- Malware Infection: Your device could be compromised with malicious software.
With the widespread use of Android and Chrome, these vulnerabilities have the potential to impact millions. Taking these steps will ensure your devices remain secure.
