(Subscribe to our Today’s Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
Google Chrome and Apple Safari versions were found vulnerable to remote attack, the Indian Computer Emergency Response Team (CERT-In) said in two separate statements.
Updating the web browsers to the latest versions is said to avert the possibility of remote attack on devices.
CERT’s two statements were marked high severity and stated, “a remote attacker could exploit these vulnerabilities by creating a specially crafted webpage on the targeted system.”
Google Chrome versions prior to 84.0.4147.89 are vulnerable.
“Multiple vulnerabilities have been reported in Google Chrome that could allow remote attacker to execute arbitrary code, bypass security restrictions, access sensitive information, contact spoofing attack and denial of service (DoS) attack on the targeted system,” CERT-In said in a statement on Monday.
On July 14, Google released Chrome version 84.0.4147.89 with improvements, and 38 security fixes, available for Windows, Mac and Linux. This version will roll out over the coming days and weeks, Google Chrome said in a statement.
Google Chrome version can be checked by clicking on the options menu and scrolling down to “Help” menu option and selecting “About Google Chrome.”
Apple Safari versions prior to 13.1.2 are vulnerable.
“Multiple vulnerabilities have been reported in Apple Safari that could allow remote attacker to execute arbitrary code, perform cross site scripting attacks or cause URL Unicode encoding on a targeted system,” said CERT-In an vulnerability note on Monday.
On July 15, Apple released Safari version 13.1.2, available for macOS Mojave and macOS High Sierra, and included in macOS Catalina.
As part of the Safari version update note, Apple listed a few issues such as, impact on Safari downloads – a malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode; impact on Safari Login AutoFill – a malicious attacker may cause Safari to suggest a password for the wrong domain.
Apple Safari version can be checked by clicking on the Safari menu option and selecting “About Safari.”