The Computer Emergency Response Team (CERT-In) on Friday released notes for vulnerabilities affecting Google Chrome’s desktop version for Mac and Linux users.
CERT-In also released notes for vulnerabilities detected in Zoom products on Monday. These vulnerabilities have been detected in Zoom’s on-premise meeting connector and can be exploited by attackers to access audio and video feed of meetings, while staying invisible to participants in the meeting.
In Google Chrome
The vulnerabilities detected in Google Chrome can be exploited remotely by attackers to bypass security restrictions, execute arbitrary codes and cause denial of service on the targeted systems.
CERT-In noted that the vulnerabilities in Chrome’s desktop version exist due to use after free in PDF and frames, and out of bounds write in storage, in which a program starts writing outside the bounds of allocated memory. Vulnerabilities also exist due to heap buffer overflow, where a chunk of memory is allocated to the heap and data is written out of bounds, affecting the overall memory of the system, in internals and insufficient validation of untrusted input in developer tools.
The vulnerabilities could be exploited by remote attackers by persuading users to visit specially crafted websites.
Google on Wednesday noted that six of the vulnerabilities had been brought to notice by external researchers. Google also stated that its latest security update included fixes for 11 vulnerabilities found to be affecting Chrome for Mac and Linux users.
In Zoom products
CERT-In reported vulnerabilities rated in the medium severity category.
The vulnerabilities can be exploited by a remote attacker to join meetings they are authorised to join without appearing to other participants. This could enable them to obtain video and audio feed of meetings they were not authorised to join, and even disrupt targeted meetings.
The vulnerabilities have been found to affect Zoom on-premise meeting connectors. They exist due to improper access and control implementation.
Zoom on its website, noted that the vulnerability was first reported by its offensive security team. It released updates fixing it.