![]() ![]() The zero-day was initially reported on September 6th by Apple's Security Engineering and Architecture (SEAR) team and The Citizen Lab at the University of Toronto's Munk School. Google had already patched this flaw in Chrome after discovering that it was actively exploited. The security updates to fix this zero-day were released for Firefox versions 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2, and the company strongly advises users to update their Firefox and Thunderbird installations to protect their systems from potential attacks.Īdditionally, the same CVE-2023-4863 vulnerability affects other software that uses the vulnerable WebP code library version, including Google Chrome. ![]() The vulnerability itself, tracked as CVE-2023-4863, is the result of a heap buffer overflow in the WebP code library (libwebp), and this issue can lead to crashes or arbitrary code execution when malicious WebP images are opened - Mozilla acknowledged that this vulnerability has already been exploited in the wild. Its packaged in Format so it can easily integrate with the Platform. And they wont affect your standard local or portable Firefox install. Mozilla has issued a series of emergency security updates to address a critical zero-day vulnerability affecting the Firefox browser and the Thunderbird email client. is proud to announce the release of Mozilla Firefox®, Portable Edition 117.0 Beta 1. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |