The IT Ministry’s -Indian Computer Emergency Response Team (CERT-In) has issued a warning against multiple vulnerabilities in Google Chrome and Apple Safari browsers.

The warning has been issued for users of Google Chrome version prior to 99.0.4844.74. 

The CERT-In’s warning said that “multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code, bypass security restrictions or cause a denial of service condition on the targeted system.”

These vulnerabilities exist in Google Chrome in Blink Layout, Extensions, Safe Browsing, Splitscreen, ANGLE, New Tab Page, Browser UI and Heap buffer overflow in GPU, as per the warning.

The successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code, bypass security restrictions, or cause a denial of service condition on the targeted system, it added.

The security agency suggested that users upgrade to Google Chrome version 99.0.4844.74 to prevent cyberattacks.

Apple Safari browser

It also issued warnings for Apple Safari versions prior to Safari 15.4 for macOS.

“Multiple vulnerabilities have been reported in Apple Safari and WebKit for macOS Big Sur and macOS Catalina which could be exploited by an attacker to cause address bar spoofing, arbitrary code execution and unexpected cross-origin behaviour on the targeted system,” it said.

These vulnerabilities exist in Apple Safari and WebKit for macOS Big Sur and macOS Catalina due to buffer overflow, use-after-free, memory corruption and logic issue within the WebKit component. 

“A remote attacker could exploit these vulnerabilities by persuading a victim to visit maliciously crafted web content. Successful exploitation of these vulnerabilities could allow an attacker to cause address bar spoofing, arbitrary code execution and unexpect ross-origin behaviour on the targeted system,” it said.

Users must apply the necessary patches as per Apple Security Updates for the same.

Related Topics