High risk warning issued by the Government against Google Chrome, Mozilla users in India

The Indian government’s Computer Emergency Response Team (CERT-In) has recently flagged various vulnerabilities in Chrome and some Mozilla products. It highlighted that these vulnerabilities were providing hackers with access to all of the users’ data and also executing arbitrary codes by bypassing all security mechanisms.

The vulnerabilities marked as ‘high’ risk by CERT-In targeted Chrome OS versions prior to 96.0.4664.209. It includes vulnerabilities marked under CVE-2021-43527, CVE-2022-1489, CVE-2022-1633, CVE-202-1636, CVE-2022-1859, CVE-2022-1867, and CVE-2022-23308 by Google.
The tech giant however has acknowledged the bugs and said that it fixed all of them. The company asked its users to download the latest version of Chrome OS in order to stay protected from these bugs.

Additionally, CERT-In has also flagged bugs in the Mozilla Firefox iOS version prior to 101, Mozilla Firefox Thunderbird version prior to 91.10, Mozilla Firefox ESR version prior to 91.10, and Mozilla Firefox version prior to 101. All of the vulnerabilities have been rated as ‘high’ by Mozilla. The company said that these vulnerabilities, enabled a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause denial-of-service (DoS) attacks on the targeted system.

Mozilla has also released some updates regarding the affected products. It has asked the users to download Mozilla Firefox iOS 101, Mozilla Firefox Thunderbird version 91.10, Mozilla Firefox ESR version 91.10, and Mozilla Firefox version 101 to protect themselves from this vulnerability.