India's top cyber firm warns about potential bugs in Google Chrome for desktop

A hacker could exploit the vulnerabilities in the system by sending specially crafted requests on the targeted system

Representational image. Pic/iStock

The Indian Computer Emergency Response Team (CERT-In) has warned users about multiple vulnerabilities in Google Chrome for desktop, which can enable hackers to gain access to users' computers.

The multiple vulnerabilities could allow a remote attacker to execute arbitrary code and Security restriction bypass on the targeted system, according to an advisory by CERT-In, that comes under IT Ministry.

ADVERTISEMENT

"These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-In Flow, Chrome OS Shell; Heap buffer overflow in Downloads, Insufficient validation of untrusted input in Intents, Insufficient policy enforcement in Cookies and Inappropriate implementation in Extensions API," the cyber agency said.

A hacker could exploit these vulnerabilities by sending specially crafted requests on the targeted system.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code and Security restriction bypass on the targeted system, said CERT-In.

"The vulnerability (CVE-2022-2856) is being exploited in the wild. The users are advised to apply patches urgently," said the agency.

CERT-In also warned about bugs in Apple iOS, iPadOS and macOS and a "remote attacker could exploit this vulnerability by enticing a victim to open a specially-crafted file".

It also found multiple vulnerabilities in Cisco products again, which could allow the attacker to execute arbitrary code, information disclosure and cross site scripting attack on an affected system.

The nation's premier cyber agency had alerted about bugs in Cisco products in the recent past too.

Also read: Empathy in adolescents helps in preventing cyberbullying: Study

This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!