CERT-in has rated the severity rating for vulnerabilities on both ChromeOS and Microsoft Edge browser as high, suggesting that security threat is high for users who are using outdated versions.
The notification states that due to insufficient data validation in Extensions on Chrome OS, any third-party could persuade a victim to visit a specially crafted web page to exploit these vulnerabilities.
CERT-in in a note recommended users using the Google Chrome OS and Microsoft Edge to immediately update to the latest version or install security patches that are provided by their respective companies.
Microsoft has already released stable channel updates for its Edge browser incorporating the latest security updates.
Earlier, Google released the latest version of the Chrome OS containing security fixes for vulnerabilities mentioned in the CERT-in alert such as insufficient data validation in Extensions.
Affected Microsoft Edge versions:
Affected Google Chrome OS version:
First Published: Feb 12 2024 | 3:15 PM IST