Govt agency warns of severe vulnerabilities in ChromeOS

Install the latest LTS-114 updates to stay safe

Reading time icon 1 min. read

Readers help support Windows Report. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more

chrome OS vulnerability

CERT-in (Indian Computer Emergency Response Team) recently released an advisory highlighting critical security vulnerabilities in Google’s ChromeOS.

The government’s cybersecurity watchdog has designated a High severity rating to the security alert, CIVN-2024-0031, and recommends that these be addressed at the earliest.

On the official website, CERT-in highlights that all Google’s ChromeOS LTS channel versions prior to 114.0.5735.350 (Platform version: 15437.90.0) are affected. It states that the vulnerabilities exist in Use after free in Side Panel Search and insufficient data validation in the extensions.

These allow hackers to remotely gain administrative privileges, execute arbitrary code, bypass security features, and deploy a Denial of Service (DoS) attack on any system running the affected ChromeOS version.

All this can be achieved by tricking you into visiting a webpage specifically designed for deploying the attack.

Updating ChromeOS

CERT-in recommends that you update to the latest LTS channel, 114.0.5735.350, for ChromeOS devices to avert the possibility of an attack or the data being compromised. The official Chrome Releases page also states that the vulnerabilities have been eliminated in the update.

There’s no reason to be concerned. Such vulnerabilities are identified from time to time and patch is released in the latest versions. This is the standard practice!

More about the topics: Chrome OS, chromebook