The Indian Computer Emergency Response Team or CERT-In has noted a series of vulnerabilities in Google Chrome and Mozilla Firefox. According to the government agencyThese vulnerabilities allow hackers to install malicious programs that can steal sensitive user data, bypass certain restrictions, perform remote actions, and also cause a denial of service or DoS attack.
CERT-in has marked this vulnerability as a high severity issue, which means that a large number of systems are seriously compromised. According to a tweet from the official CERT-In handler, the vulnerabilities are found in Google Chrome versions prior to 96.0.4664.209, while for Firefox, the versions that are vulnerable include Firefox iOS prior to 101, Thunderbird version prior to 91.10, Firefox ESR version prior to 91.10 and all desktop versions of Firefox 101. According to CERT-In, these vulnerabilities can basically hand over the controls of your system to a malicious hacker, who can then create all sorts of problems for users. While the hacker can easily steal sensitive data and bypass restrictions to run a command on the victim’s system, it can also cause a denial of service or DoS attack. For those who don’t know, a DoS attack occurs when users are unable to access information systems, devices, or other resources on their own system after being hacked. However, users need not worry. Both Google and Mozilla were quick to release patches and updates that address these vulnerabilities and fix all these bugs. Users who want to protect themselves and their stolen data should immediately update their systems and software. Google Chrome OS users can update to version 96.0.4664.209, while Mozilla users can update to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10, and Mozilla Firefox 101. software releases an update, the user should get that update as quickly as possible, after reading the patch notes, which make it clear what exactly the update is about. This is especially more important if the company has released a security update, as they are likely to address all the latest vulnerabilities and bugs. Via: FirstPost
