HomeWinBuzzer NewsChromeOS Users Advised to Update Systems Following Discovery of Severe Vulnerabilities

ChromeOS Users Advised to Update Systems Following Discovery of Severe Vulnerabilities

Critical ChromeOS flaws let attackers take over your device! Update to version 114.0.5735.350 ASAP

-

The Indian Computer Emergency Response Team (CERT-in) has disclosed critical security vulnerabilities within Google’s ChromeOS, marking these issues with a High severity rating. The advisory, identified as CIVN-2024-0031, underscores the urgency of addressing these vulnerabilities, which impact all versions of the ChromeOS LTS channel prior to 114.0.5735.350 (Platform version: 15437.90.0).

Nature and Impact of Vulnerabilities

CERT-in’s analysis reveals that the vulnerabilities are primarily related to “Use after free in Side Panel Search” and “insufficient data validation in the extensions.” These loopholes could potentially allow attackers to remotely execute arbitrary code, gain administrative privileges, bypass security measures, and launch Denial of Service (DoS) attacks. Exploitation of these vulnerabilities is conceivable through the simple maneuver of directing a user to a malicious webpage specifically designed to leverage these security flaws.

Recommended Measures and Resolution

In light of these findings, CERT-in strongly recommends that users of ChromeOS devices immediately update their systems to the latest LTS channel version, 114.0.5735.350, to mitigate the risk of such exploits. According to official sources, the mentioned update effectively addresses and resolves the highlighted vulnerabilities, bolstering the security of ChromeOS devices against potential cyber threats.

The proactive identification and remediation of these vulnerabilities underscore the continuous efforts dedicated to maintaining the security integrity of operating systems in the face of evolving cybersecurity challenges. ChromeOS users are encouraged to ensure their systems are up-to-date to safeguard against potential data compromise and system integrity breaches.

Last Updated on November 7, 2024 10:27 pm CET

SourceCERT-IN
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Mastodon