Begin typing your search above and press return to search.
proflie-avatar
Login
exit_to_app
Kamala or Trump?
access_time 5 Nov 2024 4:05 AM GMT
Break up or get dissolved
access_time 4 Nov 2024 4:01 AM GMT
Through oneness to autocracy
access_time 2 Nov 2024 4:58 AM GMT
In football too racism rules the roost
access_time 1 Nov 2024 4:26 AM GMT
The concerns raised by the census
access_time 31 Oct 2024 7:49 AM GMT
exit_to_app
Homechevron_rightTechnologychevron_rightBugs in Google Chrome...

Bugs in Google Chrome for desktop: Indian cyber agency issues warning

text_fields
bookmark_border
Bugs in Google Chrome for desktop: Indian cyber agency issues warning
cancel

New Delhi: Indian Computer Emergency Response Team (CERT-In) has alerted users about several vulnerabilities in Google Chrome for desktops that could allow hackers to take control of their computers.

According to a warning from the IT Ministry's CERT-In, the numerous flaws might enable a remote attacker to run arbitrary code and overcome security restrictions on the targeted machine.

"These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API," the cyber agency said.

A hacker could exploit these vulnerabilities by sending specially crafted requests to the targeted system.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and Security restrictions to bypass the targeted system, said CERT-In.

"The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently," said the agency.

CERT-In also warned about bugs in Apple iOS, iPadOS and macOS and a "remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file".

It also found multiple vulnerabilities in Cisco products again, which could allow the attacker to execute arbitrary code, information disclosure and cross-site scripting attack on an affected system.

The nation's premier cyber agency had alerted about bugs in Cisco products in the recent past too.


With inputs from IANS


Show Full Article
TAGS:Google ChromeCERT-In
Next Story