New Delhi: A warning has been issued for Google Chrome users today, by the Indian Computer Emergency Response Team (CERT-In), it is a division of the ministry of electronics and IT. Multiple Google Chrome vulnerabilities that could let remote attackers run arbitrary code and get around security measures on target systems have been reported.
Multiple vulnerabilities have been found in the Google Chrome browser, according to CERT-In’s warning, “which could allow a remote attacker to execute arbitrary code and bypass security restriction on the targeted system.”
These vulnerabilities exist in Google Chrome due to the use of free FedCM, SwiftShader, ANGLE, Blink, Sign-in Flow, and Chrome OS Shell; a Heap buffer seems to Overflow in downloads, poor intent validation of untrusted input, insufficient cookie policy enforcement, and improper extension API implementation” is also mentioned by CERT-In.
For several iPhones, iPads, and Macs, Apple have also discovered critical security flaws that could theoretically allow attackers to seize total control of these devices. Apple consumers were alerted to a vulnerability earlier this week by CERT-In, which was present in iOS and iPadOS versions prior to 15.6.1 and macOS Monterey versions prior to 12.5.1. The CERT-IN has also found vulnerabilities in CISCO software that might allow an attacker to run arbitrary code, disclose private information, and conduct a cross-site scripting attack on a vulnerable system.