Google says it has fixed vulnerabilities in Chrome flagged by CERT-In

Chennai: Google on Wednesday told ET that the vulnerabilities that the IT Ministry's Indian Computer Emergency Response Team (CERT-In) had flagged have been fixed. On Sunday, ET had reported that the CERT-In had issued a warning for those using the Google Chrome version prior to 99.0.4844.74 and said that multiple vulnerabilities have been reported in Google Chrome, "which could allow a remote attacker to execute arbitrary code, bypass security restrictions or cause a denial of service condition on the targeted system."

"We're committed to providing Chrome users with the most secure platform to navigate the web. This includes promptly addressing security issues and vulnerabilities by delivering fixes to our users via an automatic update process, and regularly releasing Chrome updates to ensure a smooth and safe web experience for users," said in a statement to ET on Wednesday. CERT-In had recommended users upgrade to Google Chrome version 99.0.4844.74.

"We have greatly reduced our “patch gap” from 35 days in Chrome 76 to an average of 18 days in subsequent milestones, and we expect this to reduce slightly further with Chrome’s faster release cycle. Irrespective of how quickly bugs are fixed, any in-the-wild exploitation is bad. Chrome is working hard to make it expensive and difficult for attackers to achieve their goals," he said in his post.