Best News Network

CERT-In points out multiple Google Chrome vulnerabilities: What you need to know | Digit

The Indian Computer Emergency Response Team (CERT-In) has warned users about multiple vulnerabilities in Google Chrome for desktop that can let hackers gain access to their computers.

The multiple vulnerabilities could allow a remote attacker to execute arbitrary code and Security restriction bypass on the targeted system, according to an advisory by CERT-In, that comes under IT Ministry.

“These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API,” the cyber agency said.

A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and Security restriction bypass on the targeted system, said CERT-In.

“The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently,” said the agency.

CERT-In also warned about bugs in Apple iOS, iPadOS and macOS and a “remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file”.

It also found multiple vulnerabilities in Cisco products again, which could allow the attacker to execute arbitrary code, information disclosure and cross site scripting attack on an affected system.

The nation’s premier cyber agency had alerted about bugs in Cisco products in the recent past too.

(Except for the headline, the rest of this IANS article is un-edited)

For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.