Computer Emergency Response Team (
CERT-in
) has a warning for users of
Google Chrome
and
Microsoft Edge
browsers. The government’s cybersecurity watchdog has informed users of multiple vulnerabilities, which could be exploited by hackers to gain sensitive information and execute arbitrary code on the targeted system.
According to the cybersecurity agency, which comes under the Ministry of Electronics and Information Technology (MeitY), has detailed the warning in CERT-In Vulnerability Note CIVN-2023-0361 for Google Chrome for Desktop, and CERT-In Vulnerability Note CIVN-2023-0362 for Microsoft Edge (Chromium-based).
CERT-In says that the severity rating is high for these security flaws. Those who are using Google Chrome versions prior to 120.0.6099.62 on
Linux and Mac
, Google Chrome versions prior to 120.0.6099.62/.63 on
Windows
are at risk. Similarly, those using Microsoft Edge version prior to 120.0.2210.61 are affected.
Why these bugs exist
These vulnerabilities exist in Google Chrome and Microsoft Edge due to use after free in Media Stream, Side Panel Search and Media Capture. Other reasons include inappropriate implementation in Autofill and Web Browser UI.
A remote attacker could exploit these vulnerabilities by sending a specially crafted request to the targeted system.
"Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and information disclosure on the targeted system," it warned.
How to safeguard
Users of these web browsers are advised to install security updates that have already rolled out to users. It is also advised that users should update their browsers as and when the security updates for them are released by the companies.
Moreover, in order to keep your systems safe, refrain from clicking on unknown links and visit unidentified websites.
English (US) ·