Active Stocks
Tue Oct 15 2024 15:58:51
  1. Tata Steel share price
  2. 155.65 -1.67%
  1. Reliance Industries share price
  2. 2,687.90 -2.09%
  1. Wipro share price
  2. 532.95 -3.00%
  1. Tata Motors share price
  2. 917.45 -1.14%
  1. Axis Bank share price
  2. 1,158.50 -0.51%
Business News/ Technology / News/  Using Mozilla Firefox? Government warns against multiple vulnerabilities
BackBack

Using Mozilla Firefox? Government warns against multiple vulnerabilities

CERT-In is the country's cyber agency under the aegis of IT Ministry. It has advised Mozilla Firefox users to update to the latest versions.

Bugs in Mozilla Firefox browser could allow a remote attacker to bypass security restrictionPremium
Bugs in Mozilla Firefox browser could allow a remote attacker to bypass security restriction

The Indian Computer Emergency Response Team (CERT-In) has cautioned against multiple vulnerabilities in Mozilla Firefox browser that can allow hackers to compromise devices' security systems.

In its advisory, CERT-In says that the bugs in Mozilla Firefox browser could allow a remote attacker to bypass security restrictions, execute arbitrary code and cause denial of service attack on the targeted system.

"These vulnerabilities exist in Mozilla Firefox due to abuse of XSLT error handling, cross-origin iframe referencing an XSLT document... that results in a use-after-free error and memory safety bugs within the browser engine," the cyber agency says in its advisory. A remote attacker could exploit these vulnerabilities by convincing a victim to open a specially-crafted web request, it further adds. 

For the unversed, CERT-In is the country's cyber agency under the aegis of IT Ministry. It has advised Mozilla Firefox users to update to the latest versions. 

CERT-In has also found a vulnerability in open source coding platform Drupal which can allow attackers to bypass security restrictions on the targeted system. "Successful exploitation of this vulnerability could allow an attacker to bypass security restrictions (leak valid payment details and accept invalid payment details) on the targeted system," it warned. 

Earlier this month, CERT-In notified multiple vulnerabilities in Google Chrome that could allow remote attackers to execute arbitrary code and bypass security restrictions on targeted systems. As per the advisory, Google Chrome users running versions prior to Google Chrome 104.0.5112.101 were at the risk.

The agency said that multiple vulnerabilities have been detected in Google Chrome browser “which could allow a remote attacker to execute arbitrary code and security restriction bypass on the targeted system." “These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-in Flow, Chrome OS Shell; Heap buffer overflow in downloads, insufficient validation of untrusted input in intents, insufficient policy enforcement in Cookies and inappropriate implementation in extensions API," it further added.

 

 

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Catch all the Business News , Technology News , Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.

Dive into the Amazon Great Indian Festival Sale 2024!
Unbelievable deals on laptops, washing machines, refrigerators, kitchen appliances, gadgets, automotives, luggage and more in amazon sale. Celebrate Diwali 2024 with Amazon's biggest sale of the year.
More Less
Published: 31 Aug 2022, 03:25 PM IST
Next Story footLogo
Recommended For You