The Indian Computer Emergency Response Team (CERT-In) has lately raised concerns about potential threats to sensitive data of users through critical vulnerabilities found in Google Chrome and Microsoft Edge browsers. These vulnerabilities, detailed in notes CIVN-2023-0361 for Google Chrome and CIVN-2023-0362 for Microsoft Edge, pose a high-severity risk, urging immediate action from users.
CERT-In found some problems in Google Chrome and Microsoft Edge that could let cyber attackers get into your computer. If they do, they might see your private info, get more control, and make the computer do things it should not. It is important to update your web browser immediately.
For Google Chrome users, the risk applies to versions prior to v120.0.6099.62 on Linux and Mac, as well as versions prior to 120.0.6099.62/.63 on Windows. Similarly, Microsoft Edge users with versions older than 120.0.2210.61 are potentially vulnerable to these exploits.
The vulnerabilities in both browsers stem from “Use after free in Media Stream, Side Panel Search, and Media Capture; Inappropriate implementation in Autofill and Web Browser UI,” as outlined in the vulnerability note on the CERT-In website. The warning says that a remote attacker might use a special request to take advantage of the problems in the browsers. It is like someone trying to trick your computer by sending it a sneaky message. So, it is important to be careful and update your browser to stay safe.
CERT-In gave a heads up about Samsung phones too. Some smart people found problems in Samsung stuff that might let attackers break through the security, look at private info, and make the phone do things it should not. These issues can mess with different parts of the Samsung system, as CERT-In mentioned.