The Pakistan Telecommunication Authority (PTA) has issued a cybersecurity advisory urging users to immediately update their Google Chrome browsers following the discovery of two critical vulnerabilities.
The advisory warns that the flaws could allow remote attackers to execute malicious code on affected systems. These vulnerabilities impact all versions of Chrome prior to the emergency update across Windows, macOS, and Linux operating systems.
According to PTA, the first vulnerability, identified as CVE-2024-4671, enables attackers to escape Chrome’s sandbox environment, potentially gaining access to a user’s device through specially crafted webpages. The second flaw, CVE-2024-4761, affects the V8 JavaScript engine, leading to an out-of-bounds write that could also result in arbitrary code execution. Both vulnerabilities are classified as high-severity threats, with exploitation possible through compromised websites.
To mitigate the risks, PTA has advised all users to update Google Chrome to version 124.0.6367.207 or later. Users can check their current version by navigating to “Settings > About Chrome” and relaunching the browser if an update is available. The advisory further recommends configuring Chrome for automatic updates to ensure ongoing protection against emerging threats.
PTA has also urged users to remain vigilant and monitor their systems for any signs of unusual activity that could indicate an exploitation attempt. Organizations and individuals facing security incidents related to these vulnerabilities are encouraged to report them through the PTA CERT Portal or via email.
With the increasing frequency of browser-based security threats, cybersecurity experts emphasize the need for proactive measures.