India’s cybersecurity watchdog issued advisory notices on Wednesday reporting medium to high security vulnerabilities in Microsoft’s desktop browser, Edge, and Google’s Chrome OS.
This advisory follows another warning from the Computer Emergency Response Team India (CERT-In), which found serious security vulnerabilities in Google’s Chrome web browser and urged users to update The software.
CERT-In – the cybersecurity watchdog under the Union’s Department of Electronics and Technology – states that Microsoft Edge, which runs on desktop platforms such as Windows, macOS and Linux, as well as on mobile platforms such as iOS and Android, has 25 security vulnerabilities, which, if exploited by a malicious actor, could allow them to “gain elevated privileges on the targeted system”. Simply put, a hacker could access sensitive areas of your laptop without your knowledge.
Read also :
The vulnerabilities, which CERT-In says are of “medium” severity, affect versions of Microsoft Edge earlier than 101.0.1210.32, which is the latest desktop version.
According to CERT-In, these vulnerabilities were caused by bugs including incorrect implementation of certain types of code, insecure downloads, and improper execution of 3D rendering software, among others.
How to Update Microsoft Edge
1. Open the browser, go to “Settings and more”
2. Select “Help and Feedback”
3. Select “About Microsoft Edge” or type it in the address bar, without the single quotes: “edge://settings/help”.
4. If the “About” page says Microsoft Edge is up to date, you’re sorted.
5. If it says an update is available, select “Download and Install”.
6. The browser will download the update and apply it the next time Edge restarts.
Microsoft Edge also offers users the option to disable automatic downloads. To do this, go to Settings and more > About Microsoft Edge and enable “Download and install updates automatically”.
Vulnerabilities in Chrome OS
Chrome OS is open source and free to use and is used in Chromebook laptops for students.
In a separate brief, CERT-In identified six “high” severity vulnerabilities that require immediate attention. These vulnerabilities have been found in Google Chrome OS version 96.0.4664.207 and earlier.
In the advisory, CERT-In said these vulnerabilities could be exploited to “allow an attacker to execute arbitrary code on the targeted system.” In other words, a hacker can run unauthorized, often malicious, code on the system, which puts the user at risk.
How to Check Chrome OS Version and Update
The latest public version of Chrome OS is build 100.0.4896.133, rolling out on April 29. To check the version of Chrome OS you’re using and update it, follow these steps:
1. Turn on your Chromebook.
2. Connect your Chromebook to Wi-Fi.
3. At the bottom right, select the time.
4. Select Settings.
5. At the bottom of the left panel, select “About Chrome OS”.
6. Under “Google Chrome OS,” you’ll find the version of the operating system your Chromebook uses.
7. Select “Check for updates“.
8. If your Chromebook finds a software update, it will start downloading automatically.
All in all, it is advisable to constantly check the update of your desktop OS, software, mobile OS and apps as developers frequently release security patches.
First post: STI