CERT-In Warns of Critical Bugs in Microsoft Edge and Android Devices

The Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics & Information Technology, issued a warning on Monday regarding multiple vulnerabilities in the Chromium-based Microsoft Edge browser. These vulnerabilities could potentially allow attackers to compromise targeted systems. The advisory specifically highlighted that Microsoft Edge Stable versions prior to 125.0.2535.85 are affected.

Nature of Vulnerabilities

CERT-In identified several issues within Microsoft Edge, including:

  • Out-of-bounds memory access in keyboard inputs.
  • Out-of-bounds write in the streams API.
  • Heap buffer overflow in WebRTC.
  • Use-after-free vulnerabilities in dawn, media session, and presentation API.

These vulnerabilities arise from improper handling of memory and inputs, which can be exploited by attackers. By enticing a victim to open a specially crafted file, an attacker could leverage these flaws to gain control over the system.

Advisory to Users

CERT-In has advised users to apply the necessary security updates provided by Microsoft to mitigate these risks. Updating to the latest version of Microsoft Edge is crucial to ensure protection against these vulnerabilities.

Android Vulnerabilities Warning

In addition to the Microsoft Edge warning, CERT-In also alerted users about multiple vulnerabilities in Android systems. These flaws could enable attackers to obtain sensitive information, gain elevated privileges, and cause denial-of-service (DoS) conditions.

Detailed Breakdown of Android Vulnerabilities

The vulnerabilities in Android are due to issues in various components, including:

  • Framework and System components.
  • Google Play system updates.
  • Kernel.
  • Arm components.
  • MediaTek components.
  • Imagination Technologies.
  • Qualcomm closed-source components.

These vulnerabilities could be exploited to disrupt the normal operation of devices, extract sensitive data, or escalate privileges to gain deeper access to the system.

Recommendations for Android Users

CERT-In recommends that Android users promptly install the latest security patches and updates provided by Google and other relevant manufacturers. Keeping devices updated is vital to safeguard against potential threats and vulnerabilities.

Share this article
Shareable URL
Prev Post

T20 World Cup: Pakistan missed out on a huge opportunity to beat India, says Shahid Afridi

Next Post

Indian origin man shoots brother dead, injures mother, kills self in New York

Read next
Whatsapp Join