Government issues high-risk warning for Google Chrome, Mozilla users in India

The Indian government's Computer Emergency Response Team (CERT-In) lately flagged a number of vulnerabilities in Chrome and some Mozilla products. CERT-In highlighted that these vulnerabilities had been presenting hackers with get right of entry to all of the users' information and even executing arbitrary codes by using bypassing all protection mechanisms.

The vulnerabilities marked as 'high' danger by using CERT-In centered Chrome OS variations prior to 96.0.4664.209. It consists of vulnerabilities marked beneath CVE-2021-43527, CVE-2022-1489, CVE-2022-1633, CVE-202-1636, CVE-2022-1859, CVE-2022-1867, and CVE-2022-23308 by using Google. The tech large stated the bugs and stated that it constant all the bugs. The employer entreated customers to download the modern-day model of Chrome OS to remain covered from these bugs.

In addition, CERT-In flagged bugs in the Mozilla Firefox iOS model prior to 101, Mozilla Firefox Thunderbird model prior to 91.10, Mozilla Firefox ESR model prior to 91.10, and Mozilla Firefox model prior to one hundred and one All of the vulnerabilities have been rated 'high' by using Mozilla. These vulnerabilities, the employer said, allowed a far-off attacker to expose touchy information, ignore safety restrictions, execute arbitrary code, function spoofing assaults and purpose denial-of-service (DoS) assaults on the focused system.

Mozilla has additionally launched updates to the affected products. Users are requested to download Mozilla Firefox iOS 101, Mozilla Firefox Thunderbird model 91.10, Mozilla Firefox ESR model 91.10, and Mozilla Firefox model a hundred and one to guard themselves from this vulnerability.

As per CERT-In, these vulnerabilities lead attackers to supply a denial of provider assault on centered systems. A denial-of-service (DoS) assault takes place when customers are unable to get right of entry to records systems, devices, or different assets owing to hackers. Services that are commonly focused the usage of such assaults encompass email, websites, online accounts, amongst others.

The authorities employer stated that these vulnerabilities can be exploited by using an attacker to execute arbitrary code on the centered system. "These vulnerabilities exist in Google Chrome OS due to heap buffer overflow in V8 internalisation; use after free in Sharesheet, Performance Manager, Performance APIs; vulnerability suggested in dev-libs/libxml2; Insufficient validation of untrusted enter in Data Transfer and Out of bounds reminiscence get right of entry to in UI Shelf," CERT-In defined in a legitimate submit

Related post

Privacy And Security

Biggest data leak: Aadhaar Personal data of 81.5 crore Indians on sale on dark web

• 

  by Riya
• Nov 05, 2023

Privacy And Security

Sudan-based hackers shut down X for hours demands for Starlink

• 

  by Ankit Raj Singh
• Sep 04, 2023

Privacy And Security

Millions of Americans’ health data stolen after MOVEit hackers targeted IBM

• 

  by Riya
• Aug 16, 2023

Privacy And Security

Xiaomi System UI Software Crashes globally due to Android Mechanism Updates

• 

  by Neeraj
• Jun 12, 2023

Privacy And Security

Google Pay Glitch: Several Lucky Users Get Upto Rs. 88,000 Accidentally!!!

• 

  by Neeraj
• Apr 10, 2023

Prateek Gupta

View Articles

I'm a Computer Science graduate, likes to do ordinary work in an extraordinary manner. I'm quite creative, a workaholic. I regularly used analyze new research, development, innovation by tech giants. I'm interested in Machine learning, Data Science along with research work applications on them & solving puzzles, quizzes.