CERT-In has discovered a number of flaws in Chrome and other Mozilla products, including Thunderbird.
The impacted versions of Google’s Chrome and Mozilla’s Firefox have now received upgrades.
If you haven’t updated your browser yet, Google and Mozilla want you to do so right now!
Recently, the Indian government’s Computer Emergency Response Team (CERT-In) issued a list of Chrome and Mozilla vulnerabilities.
CERT-In stated that these flaws allowed hackers to access all of the user’s data and even execute arbitrary code by evading all security safeguards.
Chrome OS versions previous to 96.0.4664.209 were at risk of the vulnerabilities identified as ‘high’ risk by CERT-In.
Additionally, CVE-2021-43527, CVE-2022-1498, and CVE-2022-1489 have been identified by Google as well as CVE-202-1633 and CVE-202-1636.
All the issues have been resolved, according to the tech giant. To avoid being affected by these flaws, Google advised users to update to the most recent version of Chrome OS.
The CERT-In team also discovered security flaws in Mozilla Firefox versions prior to version 101 on iOS, Mozilla Firefox Thunderbird, Mozilla Firefox ESR, and Mozilla Firefox prior to version 91.10.
Mozilla has categorised all of the vulnerabilities as ‘high’. According to the company’s statement, a remote attacker might leak sensitive information, bypass security limitations, execute arbitrary code, perform spoofing attacks, and create denial-of service (DoS) on the targeted system.
Affected Mozilla products have also been updated by Mozilla. In order to protect themselves from this issue, users are urged to download the latest Mozilla Firefox versions 101, 101, 101, and Thunderbird 91.10.
According to CERT-In, these flaws allow attackers to launch a denial of service attack on targeted systems.
Users are denied access to information systems, devices, or other resources as a result of hacker-initiated denial-of-service attacks (DoS).
Email, websites, and online accounts are just a few of the services that are frequently the target of such attacks.
An attacker might use these flaws to execute arbitrary code on a target system, according to the federal agency.
A heap buffer overflow in V8 internalisation, use after free in Sharesheet, Performance Manager, Performance APIs, and a vulnerability in dev-libs/libxml2 are just some of the reasons why these vulnerabilities exist in Google Chrome OS, according to CERT-In.
For More Information Visit Our Site : https://www.techllog.com/