![]() Google, Mozilla, Brave, Microsoft and Tor have released security patches for this vulnerability. The vulnerability was first detected by the Apple Security Engineering and Architecture team and The Citizen Lab at The University of Toronto on September 6, StackDiary said. From there, they could steal data or infect the computer with malware. Since this particular heap buffer overflow targets the codec (essentially a translator that lets a computer render WebP images), the attacker could create an image in which malicious code is embedded. A heap buffer overflow allows attackers to insert malicious code by “overflowing” the amount of data in a program, StackDiary explained. In more detail, a heap buffer overflow in WebP allowed attackers to perform an out-of-bounds memory write, NIST said. ProtonVPN Review (2023): Features, Pricing and Alternativesĥ Tips for Securing Data When Using a Personal Mac for Work (TechRepublic) Must-read security coverageĦ Best Cybersecurity Certifications of 2023Ĩ Best Penetration Testing Tools and Software for 2023 SEE: Check Point Software finds that cybersecurity attacks are coming from both the new school (AI) and the old school ( mysteriously dropped USBs). ![]() Many applications use the WebP codec and libwebp library to render WebP images, StackDiary noted. Cross-platform apps built with Flutter.Īpps built on Electron may also be affected Electron released a patch.The problem isn’t with the browsers - the vulnerability originates in the WebP Codec, StackDiary discovered. Users of the affected browsers should update to the most up-to-date version in order to ensure the zero-day vulnerability is patched on their machines. Vulnerability originates in WebP reader.It’s time to update Google Chrome, Mozilla’s Firefox or Thunderbird, Microsoft Edge, the Brave browser or Tor Browser web development news site StackDiary has reported a zero-day vulnerability in all six browsers that could allow threat actors to execute malicious code. Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code. Zero-Day Security Vulnerability Found in Chrome, Firefox and Other Browsers
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |