infowebsite.in
Indian government has issued warning for the high-risk vulnerability for the Microsoft Edge and Mozilla Firefox (Chromium-based) users. Should you worry?
Published: 10 Oct 2024 13:00:PM
Cybersecurity Alert! Indian government has a critical warning for the Microsoft Edge and Mozilla Firefox users. Know details.
If you are using Microsoft Edge or Mozilla Firefox, then the government of India has a warning for you that you must read carefully. CERT-In, the Indian Computer Emergency Response Team which works under the Ministry of Electronics and Information Technology of the Government of India, has released a critical high-risk vulnerability alert for the Microsoft Edge (Chromium-based) users. The vulnerability note suggests that multiple issues have been reported in Microsoft Edge (Chromium-based), which exist due to insufficient data validation in Mojo.
These vulnerabilities can be easily exploited by a remote attacker to bypass security restrictions, the report suggested. Also, hackers can execute arbitrary code on the target system by sending a specially crafted request. Once they have successfully bypassed these critical security restrictions, these vulnerabilities will let attackers take control of your device which can put your personal data and the security of the system at risk.
Mozilla Firefox Under Threat Too!
Similarly, CERT-In has also released a vulnerability note for Mozilla Firefox users for the version prior to 131, ESR versions prior to 128.3 and 115.16, and Mozilla Thunderbird versions prior to 128.3 and 131.
The CERT-In report suggests that Mozilla Firefox has identified several vulnerabilities, including prevention of users from exiting full-screen mode in Firefox Focus for Android, bypass of site isolation by compromised content process, cross-origin access to PDF and JSON contents through multipart responses, obscuring of download type through specially crafted filename, potential memory corruption through cloning certain objects, potential directory upload bypass via clickjacking, enumeration of external protocol handlers via popups, denial of service through specially crafted WebTransport request, potential memory corruption during JIT compilation, and memory safety bugs.
A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially crafted web request. If successfully exploited, these vulnerabilities could allow a remote attacker to execute arbitrary code on the targeted system.
What Should You Do?
The risk of increasing vulnerabilities across web browsers is worrying their users. It is crucial to be updated with the latest information and possible risks. One of the major steps to avoid falling victim to cybersecurity threats is to keep your browser updated to the latest versions.
Moreover, you should avoid accessing websites with a potential risk of malicious activity. Always cross-check the link before opening it.
Next Article
Follow us on social media
