Google Chrome OS has multiple vulnerabilities that can allow hackers to cause a denial-of-service attack on the victim’s chromebook. The Indian Computer Emergency Response Team (CERT-In) has spotted multiple vulnerabilities in Google ChromeOS LTS channel version prior to 96.0.4664.219.

What does the warning say?

The agency works under the aegis of the IT Ministry. In its advisory, it says that “multiple vulnerabilities have been reported in Google ChromeOS which could allow a remote attacker to execute arbitrary cc cause a denial-of-service condition on the targeted system”.

It says that these vulnerabilities exist in Google ChromeOS due to Use after free in Blink, Browser Creation, WebUI, Managed devices A Chrome OS Shell, Sign-In Flow, Extensions & Extensions API, Insufficient policy enforcement in Cookies, Inappropriate implementation in Extensions API, Heap buffer overflow in PDF and Side-channel information leakage in Keyboard input. A remote attacker can exploit these vulnerabilities by sending a specially crafted request on the targeted system, it further adds.

The vulnerability is marked with a high severity rating by CERT-In.

What are the devices impacted?

According to the advisory, software affected by the bug are Google ChromeOS LTS channel version prior to 96.0.4664.219 (platform Version: 14268.104.0). Chromebook users are advised to update to the latest Google ChromeOS LTS channel version as mentioned by the vendor.

Earlier this week, CERT-In cautioned against multiple vulnerabilities in Mozilla Firefox browser that can allow hackers to compromise devices’ security systems. The advisory said that the bugs in Mozilla Firefox browser could allow a remote attacker to bypass security restrictions, execute arbitrary code and cause denial of service attack on the targeted system. “These vulnerabilities exist in Mozilla Firefox due to abuse of XSLT error handling, cross-origin iframe referencing an XSLT document… that results in a use-after-free error and memory safety bugs within the browser engine,” the cyber agency said.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.


Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Post your comment

Source link

By unstore : The One-stop Destination! Read the latest global news articles on in english,breaking news & current latest global news headlines,local news, money and financial news,Bitcoin News,automobile news,gaming news,technology news,sports news,political news,international news,bollywood news,tech news

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.