The Indian Computer Emergency Response Team (CERT-In) under the IT ministry has issued a high severity warning for Google Chrome browser users. The warning is for the users who are using browser’s version prior to 97.0.4692.71. As per the warning, multiple vulnerabilities have been reported in Google Chrome which can be exploited by someone to execute arbitrary code on the targeted system.
The advisory further reveals that “these vulnerabilities exists in Google Chrome due to Use after free in Storage, Screen Capture, Sign-in, SwiftShader, PDF, Autofill and File Manager API; Inappropriate implementation in DevTools, Navigation, Autofill, Blink, WebShare, Passwords and Compositing; Heap buffer overflow in Media streams API, Bookmarks and ANGLE; Type Confusion in V8; Incorrect security UI in Autofill, Browser UI; Out of bounds memory access in Web Serial; Uninitialized Use in File API and Policy bypass in Service Workers.”
A remote attacker could exploit these vulnerabilities by enticing a victim to visit a specially crafted webpage. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system. To avoid any swindling, the CERT-In wants Google Chrome users to update to version 97.0.4692.71. The mentioned version was rolled out by the tech giant earlier this week and it contains a number of fixes and improvements.
Last week, the CERT-In also mentioned that multiple vulnerabilities have been reported in Microsoft Windows which could allow a remote attacker to gain elevated privileges on the targeted system. When combining these vulnerabilities, an attacker can create a straightforward path to a Domain Admin user in an Active Directory environment. This escalation attack allows attackers to easily elevate their privilege to that of a Domain Admin once they compromise a regular user in the domain. This vulnerability exists in Microsoft Windows due to a flaw in the active directory domain services.
You may also like
-
Navigating India’s Skill Landscape
-
Trade Connect E-platform For Exports Is Single Window, Fast, Accessible And Transformational: Shri Piyush Goyal
-
India-us Working Together In Areas Like Critical Minerals, Supply Chains And Advanced Technologies: Shri Piyush Goyal
-
Cabinet Approves Health Coverage to All Senior Citizens of the Age 70 Years and Above Irrespective of Income
-
Cabinet Approves PM Electric Drive Revolution in Innovative Vehicle Enhancement (PM E-DRIVE) Scheme With An Outlay of ₹.10,900 Crore