Firefox and Chrome vulnerable to cyber attacks: CERT-In

By Abhinav Mishra | Published on 17 Feb 2014

Indian Cyber security experts have detected multiple vulnerabilities in popular web browsers like Chrome and Firefox.

Firefox and Chrome vulnerable to cyber attacks: CERT-In

Want to modernise your banking loan application?

Build an application that analyses credit risk with #IBMCloud Pak for Data on #RedHat #OpenShift

Click here to know more


Cyber security experts have detected a series of several vulnerabilities in popular web browsers Chrome and Firefox, according to PTI.

Internet users in the Indian cyber space have been asked to keep a check on their systems. In view of these browsers prone to such virus-based activities, users have been advised to upgrade their versions on their workstations.

“Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird and SeaMonkey which could be exploited by a remote attacker to bypass certain security restrictions, disclose potentially sensitive information, gain escalated privileges, execute arbitrary code and causes denial of service condition on the affected system,” the Computer Emergency Response Team of India (CERT—IN) said in its latest advisory to online users in the country.

CERT-In is the agency to combat hacking, phishing and to protect security-related defenses of the Indian cyber space arena.

“The two web browsers are an important tool for Internet surfing among Indian online consumers. The anomalies have been detected recently and it would be advised that users upgrade their existing versions sooner than later. These activities are mischievous on part of hackers or they are harmful viruses,” a cyber security expert told PTI.

The agency in its advisory pointed that this inconsistency is caused "due to improper restrict access to ‘about:home’ buttons by script on other pages in Mozilla Firefox”.

“A user-assisted remote attacker could exploit this vulnerability using a crafted website or webpage. Successful exploitation of this vulnerability could allow user-assisted remote attacker to cause a denial of service condition,” the CERT-In said.

Similar issues have been reported in the popular browser offered by Google. “Multiple vulnerabilities have been reported in Google Chrome which could be exploited by a remote attacker to cause denial of service condition or execute arbitrary code on the target system,” the agency said.

The advisory said that the maximum damage these vulnerabilities can cause include memory corruption, forced downloading of files and loss of information. Users have been asked by the advisory board to either use proper security patches (Mozilla Firefox) or upgrade their browsers with the latest version (Google Chrome).

The affected versions include “Firefox versions prior to 27.0, Firefox extended support release (ESR) versions prior to 24.3, Thunderbird versions prior to 24.3, SeaMonkey versions prior to 2.24 and Google Chrome prior to version 32.0.1700.102.”

Source: TheHindu

Abhinav Mishra

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry. Protection Status