The Indian Computer Emergency Response Team (CERT-in) has identified many security flaws in the Google Chrome operating system and Microsoft Edge web browser. According to the CERT-in website, these vulnerabilities might be exploited by a remote attacker to overcome security constraints and get unauthorized access to user data in Chrome OS, as well as launch malicious code on Microsoft Edge.
CERT-in has assigned a high severity rating to vulnerabilities in both ChromeOS and Microsoft Edge browsers, indicating that customers using older versions face a significant security risk.
The advisory adds that owing to poor data validation in Chrome OS Extensions, any third-party might induce a victim to visit a specially designed web page in order to exploit these vulnerabilities.
CERT-in advised users of the Google Chrome OS and Microsoft Edge to update to the most recent version or install security updates offered by their respective organizations.
Microsoft has already delivered stable channel upgrades for its Edge browser that include the most recent security fixes.
Earlier, Google launched the most recent version of the Chrome OS, which included security improvements for vulnerabilities listed in the CERT-in notice, such as inadequate data validation in extensions.
Affected Microsoft Edge versions:
- Microsoft Edge (Stable) prior to 121.0.2277.98
- Microsoft Edge (Extended Stable) prior to 120.0.2210.167
Affected Google Chrome OS version:
- Google Chrome OS LTS channel version prior to 114.0.5735.350 (Platform Version: 15437.90.0)
Stay Update with FELA News!
Source: Business Standard
