CERT-In has issued a warning regarding Google Chrome OS. According to them, Chrome OS has some vulnerabilities which can be exploited by malicious people to run their code on users' computers. An organization of the Government of India, 'Indian Computer Emergency Response Team (CERT-In)' has issued a warning regarding Google Chrome OS. They say that Chrome OS has some vulnerabilities which can be used by wrongdoers to run their code on users' computers. CERT-In is the main organization in the country to prevent major computer-related attacks. It works under the Ministry of Electronics and Information Technology.

What is said in the advisory?

A warning issued on July 1 states that some vulnerabilities have been found in older versions of Google Chrome OS. By taking advantage of these vulnerabilities, a wrong person can run his desired code on your Chromebook. These vulnerabilities have been reported specifically in the LTS channel (which gives updates late) of Chrome OS, whose version is older than 120.0.6099.315 (platform version: 15662.112).

According to the government cyber security team, two vulnerabilities have been found in Google Chrome OS - the first is 'Heap Buffer Overflow in WebRTC' and the second is 'Use After Free in Media Session'. These vulnerabilities can harm your Chromebook by opening a wrong website. Such websites are specially created for this purpose.

What should users do?

CERT-In has said that Chrome OS should be updated as soon as possible. Google has updated LTS-120 in the LTS (Long Term Support) channel for most Chromebooks, which is version 120.0.6099.315 (platform version: 15662.112). This update fixes both the vulnerabilities that were mentioned - 'Heap Buffer Overflow in WebRTC' and 'Use After Free in Media Session'.