CERT-In Issues 'High-Risk' Alert For Android & Google Chrome Users, Here's What We Know

The Indian Computer Emergency Response Team (CERT-In) has recently flagged a number of vulnerabilities in Android phones that run on versions 15, 14, 13, 12 and 12L. These versions of Android can potentially be hacked and exploited by hackers. CERT-In has issued two advisories namely, CIVN-2024-0319 and CIVN-2024-0318. These advisories are for Android and Google Chrome users, and as per them, the vulnerabilities have potentially exposed millions of users to risk and cyberattacks.

CERT-In has rated these vulnerabilities as 'High Risk' and said that cyber attackers can exploit the vulnerabilities through certain applications or they can also do so through malicious websites via which they would execute code on our devices and gain access to it. 

Google has officially acknowledged the problem and responded by rolling out critical security patches to address the identified vulnerabilities. For users on Windows and Mac systems, the patch version is 129.0.6668.100, while Linux users are advised to update to version 129.0.6668.89. These patches are designed to safeguard devices from potential exploits and ensure the security of their operating environments. Google strongly encourages all users to update their systems promptly to maintain optimal protection against any threats arising from these vulnerabilities.

Don't Scan Random QR Codes, You Can Get 'Quished'

Earlier last month, CERT-In issued an important warning about a new cybersecurity threat called "quishing." Quishing is a type of phishing that uses QR codes to trick people into visiting dangerous websites or downloading harmful files. The goal of attackers is to steal sensitive information such as passwords, financial data, or personal details.

In case you're unfamiliar, QR codes are two-dimensional barcodes that store information like website links or contact info. When you scan them with your phone or a QR code reader, you can quickly access websites or information without having to type anything. You might have used QR codes to make UPI payments, access websites, or even join groups on platforms like Telegram or WhatsApp. So it might be wise to not scan the QR codes that you don't trust or seem malicious or unnecessary.