May 11th 2024.
Recently, the Indian Computer Emergency Response Team, which falls under the Ministry of Electronics & Information Technology, has issued a warning to users regarding potential vulnerabilities in Apple iTunes and Google Chrome for desktop. These vulnerabilities could potentially give an attacker the ability to run code on the targeted system.
Specifically, this warning pertains to older versions of Apple iTunes for Windows, specifically versions prior to 12.13.2. The affected versions of Google Chrome for Desktop include those before 124.0.6367.201/.202 and 124.0.6367.201.
According to the advisory released by CERT-In, there is a vulnerability in Apple iTunes that could be taken advantage of by a remote attacker to run arbitrary code on the targeted system. This vulnerability is due to a lack of proper checks in the CoreMedia component. To exploit this vulnerability, the attacker would need to send a specially crafted request.
In addition to this, the advisory also mentions vulnerabilities in Google Chrome, specifically in the Visuals & ANGLE components, as well as in WebAudio. These vulnerabilities are caused by use-after-free errors and a heap buffer overflow, respectively. To exploit these vulnerabilities, the attacker would need to execute a specially crafted HTML page, which could lead to heap corruption.
If successfully exploited, these vulnerabilities could allow the attacker to compromise the targeted system. As a precautionary measure, CERT-In recommends that users apply any necessary security updates as advised by the affected companies, in order to protect against these vulnerabilities.
In conclusion, it is important for users of Apple iTunes and Google Chrome for desktop to be aware of these potential vulnerabilities and take necessary steps to protect their systems. As technology continues to advance, it is crucial to stay vigilant and stay informed about potential security threats.
[This article has been trending online recently and has been generated with AI. Your feed is customized.]
[Generative AI is experimental.]