Google Chrome, Mozilla Firefox Under Attack

by CXOtoday News Desk    Feb 17, 2014


Popular web browsers including Google Chrome and Mozilla Firefox, among others have been detected with multiple vulnerabilities. In view of these suspicious virus-based activities, cyber security experts have warned Internet users in India to guard against arbitrary activities on their systems. They have advised especially large and mid-sized corporations to upgrade their personal versions of these web browsers on their work stations.

“Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird and SeaMonkey which could be exploited by a remote attacker to bypass certain security restrictions, disclose potentially sensitive information, gain escalated privileges, execute arbitrary code and causes denial of service condition on the affected system,” said a new report by the Computer Emergency Response Team of India (CERT-IN), the nodal agency to combat hacking, phishing and other online security-related activities.

“The two web browsers are an important tool for Internet surfing among Indian online consumers. The anomalies have been detected recently and it would be advised that users upgrade their existing versions sooner than later. These activities are mischief on part of hackers or they are harmful viruses,” a cyber security informed PTI.

The agency, in its advisory, said the vulnerability is caused “due to improper restrict access to ‘about’ or ‘home’ buttons by script on other pages in Mozilla Firefox“.

“A user-assisted remote attacker could exploit this vulnerability using a crafted website or webpage. Successful exploitation of this vulnerability could allow user-assisted remote attacker to cause a denial of service condition,” said the report.

Similar issues have been reported in the popular browser offered by Google.

“Multiple vulnerabilities have been reported in Google Chrome which could be exploited by a remote attacker to cause denial of service condition or execute arbitrary code on the target system,” the agency said.

The maximum damage these vulnerabilities can cause, the advisory said, was memory corruption, unwanted downloading of files, loss of sensitive information (when Mozilla Firefox is used in Android phones) and cause of denial of various services on the Internet to the user.

The agency advised Internet users to either use proper security patches (Mozilla Firefox) or upgrade the browser version (Google Chrome).