Government warns Android, Google Chrome, and Firefox users of ‘high’ security risk

The Indian Computer Emergency Response Team (CERT-In) has issued a warning to users about multiple vulnerabilities in the Android operating system that could potentially allow attackers to access sensitive information. The affected software versions include Android 12, 12L, 13, and 14.

According to the advisory issued by CERT-In, these vulnerabilities could be exploited by attackers to obtain sensitive information, gain elevated privileges, and even cause a denial-of-service condition on the targeted system. The flaws are said to exist in various components of the Android OS, including the Framework, System, MediaTek components, Widevine, Qualcomm components, and Qualcomm closed-source components.

In addition to the Android vulnerabilities, CERT-In has also issued advisories for users of Google Chrome and Mozilla Firefox browsers. For Google Chrome, versions prior to 123.0.6312.105.106.107 for Windows and Mac, and versions prior to 123.0.6312.105 for Linux are affected. The vulnerabilities in Google Chrome could allow remote attackers to cause a denial of service, disclose information, and execute arbitrary code on the targeted system.

Similarly, Mozilla Firefox versions prior to 124.0.1 and Mozilla Firefox ESR versions before 115.9.1 are also affected by vulnerabilities that could lead to out-of-bounds access and privileged JavaScript execution.

CERT-In has advised users to apply appropriate updates as soon as they become available to mitigate the risks associated with these vulnerabilities. Stay safe and keep your devices updated to protect your sensitive information from potential cyber threats.