Bug fixes this week | Vulnerabilities in Google, Microsoft, and Mozilla products fixed
Indian Computer Emergency Response Team (CERT-In), released multiple vulnerability notes throughout the week for security bugs detected in commonly used software. Amongst the affected software were Google’s Android and Chrome OS, Microsoft’s Edge, and Mozilla’s Thunderbird email application.
Google Android and Chrome OS
Multiple high-severity vulnerabilities were reported in Google’s Android OS which could be exploited by threat actors to obtain sensitive information, gain elevated privileges and cause a denial of services on targeted systems.
The bugs found to exist due to flaws in Android OS’ Framework, media framework, system components Google play systems, MediaTek components, Qualcomm components, and Unisoc components, could allow attackers to remotely bypass security restrictions thereby compromising the security of affected devices.
In Chrome OS multiple security bugs were detected which could be exploited by an attacker to cause a denial of service condition on targeted systems. These bugs could be exploited due to a heal buffer overflow in network services and use after free in web transport.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
A heap buffer overflow bug can be used by threat actors to use memory beyond the allocated space within a system and compromise the memory function and ability of software to function properly.
Security bugs in Android and Chrome OS were fixed with the release of updates from Google and users are advised to download and install them to ensure their security.
A data manipulation vulnerability with low severity rating was detected in Microsoft Edge. The bug could allow remote threat actors to trigger a denial of service conditions on affected systems.
The bug in Microsoft Edge existed due to data manipulation which could be exploited by attackers by convincing users to open a maliciously crafted file, the vulnerability report shared from CERT-In shared.
Microsoft has released an update fixing the security bug and users should update their software to ensure security.
A high-severity security bug was reported in Mozilla’s Thunderbird email…