The vulnerabilities exist in Google ChromeOS LTS channel versions prior to. The vulnerabilities in Google ChromeOS pose a pretty similar threat as Firefox. These loopholes may provide an attacker access to sensitive information on the targeted system. The vulnerabilities exist due to Memory safety bugs within the browser engine, preload cache bypasses subresource integrity, leak of cross-site resource redirecting information while using the Performance API, among others.
In case of Mozilla Firefox, versions prior to 103, ESR versions prior to 102.1 and 91.12 have been found vulnerable. The macOS vulnerabilities exist due to out-of-bounds write in Audio, ICU, GPU Drivers, and WebKit, out-of-bounds read in ImageIO and Kernel, authorisation issues have been found in AppleMobileFileIntegrity information disclosure in the Calendar and iCloud Photo Library, among others. Similar vulnerabilities have been found in iOS and iPadOS versions prior to 15.6. Government Postpones Deadline for VPN Providers to Store, Share User Data.Authorisation issues have been found in AppleMobileFileIntegrity information disclosure in the Calendar and iCloud Photo Library.
The macOS vulnerabilities exist due to out-of-bounds read in AppleScript, SMB and Kernel, out-of-bounds write in Audio, ICU, PS Normalizer, GU Drivers, SMB and WebKit. The cybercriminal can execute arbitrary code, bypass security restrictions, and cause DoS conditions on the targeted system. The vulnerabilities in macOS versions as well as iOS and iPadOS could be exploited by a remote attacker by persuading a victim to visit a malicious website. Mac machines running on macOS Catalina with security update prior to 2022-005, macOS Big Sur versions prior to 11.6.8, and macOS Monterey versions prior to 12.5 are at risk, as per CERT-In. As per the nodal agency, these vulnerabilities can be used to bypass security restrictions and cause denial-of-service (DoS) attacks rendering the devices unusable. iOS is an operating system for iPhone models, iPadOS runs on iPad models, and macOS powers the Mac machines.
The Indian Computer Emergency Response Team (CERT-In) appointed by the Ministry of Electronics and Information Technology has found multiple vulnerabilities of high severity in iOS, iPadOS, and macOS by Apple as well as Google' ChromeOS and Mozilla' Firefox Internet browser.
0 kommentar(er)
