India's cyber agency warns about bugs in Google Chrome for desktop

Representational Image
Representational ImageFile/ GK

New Delhi: The Indian Computer Emergency Response Team (CERT-In) has warned users about multiple vulnerabilities in Google Chrome for desktop that can let hackers gain access to their computers.

The multiple vulnerabilities could allow a remote attacker to execute arbitrary code and Security restriction bypass on the targeted system, according to an advisory by CERT-In, that comes under IT Ministry.

"These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API," the cyber agency said.

A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and Security restrictions bypass on the targeted system, said CERT-In.

"The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently," said the agency.

CERT-In also warned about bugs in Apple iOS, iPadOS and macOS and a "remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file".

Related Stories

No stories found.
Greater Kashmir
www.greaterkashmir.com