Beware Google Chrome customers! Indian authorities has a warning for you


The Indian Computer Emergency Response Team (CERT-In) has warned customers about a number of vulnerabilities in Google Chrome for desktop that may let hackers achieve entry to their computer systems. Also Read – EPFO pension scheme holders’ information uncovered on-line, claims safety researcher

The a number of vulnerabilities may enable a distant attacker to execute arbitrary code and Security restriction bypass on the focused system, in line with an advisory by CERT-In, that comes underneath IT Ministry. Also Read – How to obtain and set up Google Chrome on Mac

“These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API,” the cyber company mentioned. Also Read – How to power Dark Mode on Chrome browser: Step-by-Step information

A hacker may exploit these vulnerabilities by sending specifically crafted requests on the focused system.

Successful exploitation of those vulnerabilities may enable a distant attacker to execute arbitrary code and Security restriction bypass on the focused system, mentioned CERT-In.

“The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently,” mentioned the company.

CERT-In additionally warned about bugs in Apple iOS, iPadOS and macOS and a “remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file”.

It additionally discovered a number of vulnerabilities in Cisco merchandise once more, which may enable the attacker to execute arbitrary code, info disclosure and cross web site scripting assault on an affected system.

The nation’s premier cyber company had alerted about bugs in Cisco merchandise within the latest previous too.

— IANS




Source link





Source link

Comments are closed.