Apple iTunes Vulnerability
The advisory particularly mentions vulnerabilities in older variations of Apple iTunes, predating model 12.13.2 for Home windows, and sure variations of Google Chrome for Desktop, particularly variations previous to 124.0.6367.201/.202 for Home windows and Mac, and variations previous 124.0.6367.201 for Linux.
CERT-In highlighted the character of those vulnerabilities, stating, “A vulnerability has been reported in Apple iTunes which could possibly be exploited by a distant attacker to execute arbitrary code on the focused system.” This vulnerability stems from inadequacies within the CoreMedia component, permitting distant attackers to probably exploit it by means of fastidiously crafted requests.
Google Chrome Vulnerabilities
Equally, CERT-In identified vulnerabilities in Google Chrome, attributing them to use-after-free errors in Visuals & ANGLE parts, in addition to a heap buffer overflow in WebAudio. The company warned {that a} distant attacker might leverage these weaknesses by deploying a specifically crafted HTML web page to set off heap corruption, probably compromising the integrity of the focused system.
What Customers Ought to Do?
In response to those recognized vulnerabilities, CERT-In strongly advises customers of Apple iTunes and Google Chrome to promptly apply the security updates supplied by the respective firms. This proactive measure is essential in mitigating the dangers related to these vulnerabilities and safeguarding customers’ programs from potential exploitation by malicious entities.By promptly making use of the mandatory safety updates, customers can considerably scale back the vulnerability of their programs and shield themselves from potential security breaches.