Indian government's CERT-In or Computer Emergency Response Team has cautioned against multiple severe vulnerabilities in Google Chrome and Mozilla Firefox browsers that are capable of revealing sensitive private user information to remote attackers who can breach security protections. According to India's nodal agency that deals with cyber security threats, hacking and phishing, Google Chrome versions prior to 96.0.4664.209 are affected by security bugs that can be exploited by attackers.
How to protect yourself from vulnerabilities detected in Google Chrome and Mozilla Firefox
"Multiple vulnerabilities have been reported in Google Chrome OS which could be exploited by an attacker to execute arbitrary code on the targeted system," the government said.
Both the companies have urged customers to update the apps to the most recent versions. Also, the nodal agency has, in its threat assessment, advised Chrome users to update their OS versions to avoid being targeted by attackers. The government has also said that there are security flaws in Mozilla products that can impact its Mozilla Firefox version prior to 101, Mozilla Firefox Thunderbird version prior to 91.107, Mozilla Firefox IOS version prior to 101 and Mozilla Firefox ESR version prior to 91.10.
According to the CERT-In report, security flaws in these products can be misused by attackers to successfully bypass security restrictions, sensitive information, execute arbitrary code as well as cause denial of service (DoS) attacks on the targeted systems.
"These vulnerabilities exist in Mozilla Firefox due to SQL injection in the history tab, Cross-Origin resources length leaked, Heap buffer overflow in WebGL, Browser window spoof using full-screen mode..." the nodal agency wrote on its website.