India’s cyber agency warns about bugs in Google Chrome for desktop

A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system

A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system
A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system

Beware Google Chrome users!

The Indian Computer Emergency Response Team (CERT-In) has warned users about multiple vulnerabilities in Google Chrome for desktops that can let hackers gain access to their computers.

The multiple vulnerabilities could allow a remote attacker to execute arbitrary code and security restrictions to bypass the targeted system, according to an advisory by CERT-In, which comes under IT Ministry.

“These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in downloads, Insufficient validation of untrusted input in intents, insufficient policy enforcement in cookies, and inappropriate implementation in extensions API,” the cyber agency said.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and security restrictions to bypass the targeted system, said CERT-In.

“The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently,” said the agency.

CERT-In also warned about bugs in Apple iOS, iPadOS, and macOS and a “remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file”.

[With Inputs from IANS]

PGurus is now on Telegram. Click here to join our channel and stay updated with all the latest news and views

For all the latest updates, download PGurus App.

LEAVE A REPLY

Please enter your comment!
Please enter your name here