Indian Computer Emergency Response Team (CERT-In), released multiple vulnerability notes throughout the week for security bugs detected in commonly used software. Amongst the affected software were Google’s Android and Chrome OS, Microsoft’s Edge, and Mozilla’s Thunderbird email application.
Google Android and Chrome OS
Multiple high-severity vulnerabilities were reported in Google’s Android OS which could be exploited by threat actors to obtain sensitive information, gain elevated privileges and cause a denial of services on targeted systems.
The bugs found to exist due to flaws in Android OS’ Framework, media framework, system components Google play systems, MediaTek components, Qualcomm components, and Unisoc components, could allow attackers to remotely bypass security restrictions thereby compromising the security of affected devices.