FP StaffJun 09, 2022 12:38:45 IST
The Computer Emergency Response Team of India or CERT-In has flagged a number of vulnerabilities in Google Chrome and Mozilla Firefox. According to the government agency, these vulnerabilities allow hackers to install malicious programs that can steal sensitive user data, bypass certain restrictions, perform remote actions and also cause a denial of service or DoS attack.
CERT-in has flagged this vulnerability as a high severity issue, meaning, that a large number of systems are in grave danger.
As per a tweet from CERT-In’s official handle, the vulnerabilities are found in Google Chrome versions prior to 96.0.4664.209, whereas for Firefox, the versions that are vulnerable include Firefox iOS prior to 101, Thunderbird version prior to 91.10 Firefox ESR version prior to 91.10 and all desktop Firefox version 101.
According to CERT-In, these vulnerabilities can basically hand over the controls of your system to a malicious hacker, who can then create all sorts of problems for users.
While the hacker can easily steal sensitive data and bypass restrictions to execute a command on the victim’s system, it can also cause a denial of service or DoS attack.
For the unaware, a DoS attack occurs when users are unable to access information systems, devices or other resources on their own system after getting hacked.
However, users do not need to be worried. Both Google and Mozilla were quick to release patches and updates that address these vulnerabilities and fix all of these bugs. Users who want to protect themselves as well as their data stolen should immediately update their systems and software.
Google Chrome OS users can update to version 96.0.4664.209 while Mozilla users can upgrade to Mozilla Firefox iOS 101, Firefox Thunderbird 91.10, Firefox ESR 91.10 and Mozilla Firefox 101.
As a general thumb rule, whenever any software company releases an update a user should get that update as quickly as possible, after going through the patch notes, which clarify what exactly the update is about. This is especially more important if the company has pushed out a security update since they are likely to take care of all the latest vulnerabilities and bugs.