Test with different browsers and computers: If possible, try activating the FIDO2 security keys on different computers with different browsers. Install the latest drivers or firmware on the affected computers and try activating the keys again. Contact the vendor or manufacturer of the security keys and check for any available updates. Additionally, verify that the operating system on the computers meets the minimum requirements for FIDO2 support.Ĭheck for driver or firmware updates: FIDO2 security keys may require driver or firmware updates to function properly.
Check the browser versions and update them if necessary. FIDO2 is supported by modern browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and others.
Verify browser and OS compatibility: Ensure that the browsers being used on the affected computers support FIDO2 security keys. “Users are advised to apply patches urgently,” CERT-In said.Here are a few steps you can take to troubleshoot and resolve this issue: The advisory added that the vulnerability (CVE-2022-2856) was being exploited in the wild. “These vulnerabilities exist in Google Chrome due to use after free in FedCM, SwiftShader, ANGLE, Blink, Sign-in Flow, Chrome OS Shell Heap buffer overflow in downloads, insufficient validation of untrusted input in intents, insufficient policy enforcement in Cookies and inappropriate implementation in extensions API,” it added. The government has advised users running an older version of Google Chrome to update their browser version.ĬERT-In, in its warning, said multiple vulnerabilities had been detected in the Google Chrome browser “which could allow a remote attacker to execute arbitrary code and security restriction bypass on the targeted system”.Īlso Read | WhatsApp will soon let you restore deleted messages According to the Centre’s advisory, Google Chrome users running versions before Google Chrome 1.101 face the risk. The vulnerability has not affected all Google Chrome users. While Apple did not disclose if it had information regarding the extent to which the vulnerabilities had been exploited, the Cupertino-based tech giant has released two security reports. The company said it was “aware of a report that this issue may have been actively exploited”, and asked users to update their software. Voice calls via apps may need govt licenceĪpple, Google’s biggest rivals, has also disclosed security vulnerabilities for iPads, iPhones, and Macs that could allow attackers to take control of these devices.
0 kommentar(er)
