chief
Prime VIP
Mozilla and Google have released security updates for their respective web browsers. For Firefox, the update includes fixes for nine different security vulnerabilities. Among the flaws are five different remote code execution vulnerabilities. If exploited, such flaws can allow attackers to remotely install malware on a targeted system without user notification.
Also addressed in the update were a pair of information disclosure vulnerabilities. Each of the flaws could potentially be used by an attacker to perform cross-site-scripting attacks on a targeted system. The remaining patches address issues with secure key exchange and SSL protocols.
For Chrome, the update will patch 10 security flaws in multiple versions of the browser, including two vulnerabilities unique to the Linux version of the browser.
Just one of the 10 flaws was rated as 'critical' by Google. That bug concerns a crash triggered by a flaw in the AutoFill component.
Five of the vulnerabilities, including one of the Linux-only flaws, were rated as posing 'high' security risks. Two of the high-risk vulnerabilities were credited to third party researchers and awarded $500 under the company's paid disclosure programme.
Of the remaining four vulnerabilities, two were classified as 'medium' risks and another two were listed as 'low' security risks.
The US Computer Emergency Response Team (US-CERT) is advising users and administrators to review the updates and install any necessary patches.
Also addressed in the update were a pair of information disclosure vulnerabilities. Each of the flaws could potentially be used by an attacker to perform cross-site-scripting attacks on a targeted system. The remaining patches address issues with secure key exchange and SSL protocols.
For Chrome, the update will patch 10 security flaws in multiple versions of the browser, including two vulnerabilities unique to the Linux version of the browser.
Just one of the 10 flaws was rated as 'critical' by Google. That bug concerns a crash triggered by a flaw in the AutoFill component.
Five of the vulnerabilities, including one of the Linux-only flaws, were rated as posing 'high' security risks. Two of the high-risk vulnerabilities were credited to third party researchers and awarded $500 under the company's paid disclosure programme.
Of the remaining four vulnerabilities, two were classified as 'medium' risks and another two were listed as 'low' security risks.
The US Computer Emergency Response Team (US-CERT) is advising users and administrators to review the updates and install any necessary patches.
![[MarJana]](https://www.unp.me/data/avatars/s/108/108056.jpg?1585816329){kind=avatar}
![[JUGRAJ SINGH]](https://www.unp.me/data/avatars/s/123/123038.jpg?1591210006){kind=avatar}
