CERTs Urge Patching of Google Chrome, Android Flaws
Application Security
,
Governance & Risk Management
,
Incident & Breach Response
Exploitation May Lead to DoS, Data Privacy Breach, RCE Attacks
Several global Computer Emergency Response Teams have issued alerts as well as fixes for Google Chrome browser and Android operating system vulnerabilities.
See Also: Live Webinar | How to Stop the Four Horsemen of the Data Loss Apocalypse
Countries issuing the alerts include France, India and Canada.
Google Chrome Vulnerabilities
The Canadian Center for Cyber Security, in its advisory, says that all Chrome for desktop versions prior to 98.0.4758.80 are vulnerable to all flaws reported by the technology giant.
Google Chrome, in its Chrome release update, says that a total of 27 security fixes, including 10 high-, 14 medium- and 3 low-severity vulnerabilities, have been made. Of these, 19 vulnerabilities were disclosed by external security researchers, while the rest were found by internal researchers during “internal audits, fuzzing and other initiatives.”
The vulnerabilities in Google Chrome browser and OS can be used by a threat actor to execute arbitrary code, according to CERT-In. These vulnerabilities exist due to the following conditions:
High-Severity Flaws
Medium-Severity Flaws
Low-Severity Flaw
The latest stable channel update of Chrome for desktop includes fixes for all operating systems and the following version numbers: Windows (98.0.4758.80/81/82), Mac and Linux…
