Find out the high risk warning for chrome and iTunes. The Computer Emergency Response Team (CERT) is operating under the Indian government. It has issued a caution regarding vulnerabilities found in the desktop applications of iTunes and Google Chrome.
CERT warning for Chrome and iTunes
According to the agency, these vulnerabilities have the potential to enable hackers to gain remote access to a user’s device. They can carry out any arbitrary code execution.
CERT’s alert concerning Apple iTunes
CERT has highlighted that a vulnerability in Apple iTunes is present due to inadequate checks within a component known as ‘CoreMedia’. It could be manipulated by hackers through the transmission of a specifically designed request.This vulnerability impacts users of Apple iTunes on Windows versions preceding 12.13.2. In a detailed report, CERT explained, “The vulnerability in Apple’s product is a result of insufficient checks in the CoreMedia component. An external attacker could exploit this vulnerability by sending a specially crafted request. If successfully exploited, this vulnerability could permit a remote attacker to execute arbitrary code on the system being targeted.”
Steps to protect iTunes against CoreMedia vulnerability
According to CERT, one effective measure is to ensure that they have the latest version of iTunes installed. This can help minimize the potential risks. To update their iTunes applications on Windows, users can navigate to the Help section and select the option to Check for Updates.
CERT has identified a security alert for Google Chrome users
Several vulnerabilities have been discovered in Google Chrome. It could potentially be exploited by hackers to infiltrate a targeted system. These vulnerabilities stem from a bug in the Visuals and ANGLE components known as ‘use-after-free’. It allows hackers to trigger ‘heap corruption’ by executing a specially crafted HTML page. According to CERT, the vulnerability is identified under CVE-2024-4671. It is currently being actively exploited. It is strongly recommended that users promptly update their devices to address these vulnerabilities. The vulnerabilities impact users of Google Chrome on desktop systems running versions prior to 124.0.6367.201/.202 for Windows and Mac, as well as version 124.0.6367.201 for Linux.
Steps to protect Chrome from the vulnerability
To safeguard against this new vulnerability, Google Chrome users on Windows, Mac, and Linux should update to the latest version as soon as possible.To do so, users can access the ‘Help’ menu and select ‘About Google Chrome’. It will automatically check for and install any available updates.