Skip to main content

Featured Post

AMD to invest $400 million in India by 2028: Here’s what we know

US chipmaker Advanced Micro Devices said on Friday it will invest around $400 million in India over the next five years and will build its largest design center in the tech hub of Bengaluru. AMD’s announcement was made by its Chief Technology Officer Mark Papermaster at an annual semiconductor conference that started Friday in Prime Minister Narendra Modi’s home state of Gujarat. Other speakers at the flagship event include Foxconn Chairman Young Liu and Micron CEO Sanjay Mehrotra. Despite being a late entrant, the Modi government has been courting investments into India’s nascent chip sector to establish its credentials as a chipmaking hub. AMD said it will open its new design centre campus in Bengaluru by end of this year and create 3,000 new engineering roles within five years. “Our India teams will continue to play a pivotal role in delivering the high-performance and adaptive solutions that support AMD customers worldwide,” Papermaster said. The new 500,000-square-foot (55,5...
1 comment
Read more
Labels

CERT-In flags bugs in Chrome OS, Mozilla products that can allow attackers to gain access to your data

Indian Computer Emergency Response Team (CERT-In) has flagged several vulnerabilities in Google’s Chrome OS and several Mozilla products that can give attackers access to all of users’ data and even executing arbitrary codes by bypassing all security mechanism. These vulnerabilities can also lead attackers to deliver a denial of service attack on targeted systems.

For the unversed, a denial-of-service (DoS) attack takes place when users or victims are unable to access information systems, devices, or other resources owing to hackers. Services that are usually targeted using such attacks include email, websites, online accounts including banking accounts.

Vulnerability in Google’s Chrome OS

The issue that is marked ‘high’ by CERT-In affects Chrome OS versions prior to 96.0.4664.209. It includes several vulnerabilities that have been marked under CVE-2021-43527, CVE-2022-1489, CVE-2022-1633, CVE-202-1636, CVE-2022-1859, CVE-2022-1867, and CVE-2022-23308 by Google.

The agency says that these vulnerabilities can be exploited by an attacker to execute arbitrary code on the targeted system. “These vulnerabilities exist in Google Chrome OS due to heap buffer overflow in V8 internalisation; use after free in Sharesheet, Performance Manager, Performance APIs; vulnerability reported in dev-libs/libxml2; Insufficient validation of untrusted input in Data Transfer and Out of bounds memory access in UI Shelf,” CERT-In wrote in a post.

Google on its part has fixed all the bugs. All you need to do is download the latest version of Chrome OS to protect yourself from this these bugs.

Vulnerability in Mozilla products

Coming to Mozilla products, CERT-In has flagged bugs in Mozilla Firefox iOS version prior to 101, Mozilla Firefox Thunderbird version prior to 91.10, Mozilla Firefox ESR version prior to 91.10 and Mozilla Firefox version prior to 101. All of the vulnerabilities have been rated ‘high’ by the organisation and they can allow a remote attacker to disclose sensitive information, bypass security restrictions, execute arbitrary code, perform spoofing attacks and cause denial-of-service (DoS) attack on the targeted system.

Mozilla, on its part, has released update to the affected products. Users can download Mozilla Firefox iOS 101, Mozilla Firefox Thunderbird version 91.10, Mozilla Firefox ESR version 91.10 and Mozilla Firefox version 101 to protect themselves from this vulnerability.

The post CERT-In flags bugs in Chrome OS, Mozilla products that can allow attackers to gain access to your data appeared first on BGR India.



from BGR India https://ift.tt/V1FBlan
via IFTTT
Email Post
Labels:

Comments

Post a Comment

add