Several security vulnerabilities have been detected in popular web browsers Microsoft Edge and Apple Safari.
If left unresolved, remote attackers can exploit said vulnerabilities in these browsers to divert naive users to specially crafted malware-laced websites and take over their systems.
Microsoft Edge has three such vulnerabilities--CVE-2024-2400, CVE-2024-26246, and CVE-2024-26163.
Several flaws in Apple Safari's private browsing feature cause improper processing of web content and loopholes in content security policy, which can lead users to maliciously crafted websites.
"Successful exploitations of these vulnerabilities could allow an attacker to bypass security restrictions, gain sensitive information or denial-of-service (DoS) condition on the targeted system", said the Indian Computer Emergency Response Team (CERT-In).
Apple Safari has six security vulnerabilities—CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23273, CVE-2024-23280, and CVE-2024-23284.
Both Apple and Microsoft have acknowledged the security issues on their browsers and have released security patches. Edge and Safari users are advised to update their browsers to the latest versions--v122.0.2365.92 and v17.4, respectively, on their devices as soon as possible.
In a related development, CERT-In recently flagged similar issues in Google's Android OS.
Security vulnerabilities were detected in several versions of Android, including v12, v12L (for foldable phones), v13, and even the latest v14.
A hacker can exploit these vulnerabilities to obtain sensitive information and gain privileges to cause a Denial of Service (DoS) attack on targeted devices.
Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.
Published 20 March 2024, 12:35 IST