There’s a major security flaw concerning many of the best browsers and other apps that you must address as soon as possible to prevent hackers from attacking your device.
The vulnerability, which is being tracked as CVE-2023-4863, is caused by a heap buffer overflow in the WebP code library (libwebp) and can lead to your system crashing or arbitrary code execution when exploited.
Affected applications include Chrome, Firefox, Brave, and Edge, along with other programs like Telegram, Thunderbird, and Gimp.
“Very bad”
Most Chromium-based browsers have rolled out their updates, including the four mentioned above, while others expected to be issuing patches soon. We’d advise you to keep an eye out for update notifications and to apply your browser patch(es) as soon as possible.
Heap buffer overflow allows an attacker to flood an area of a system’s memory with malicious activity, in turn allowing them to take control of a device, obtain data, or simply spread malware.
Alex Ivanovs of Stack Diary, who, alongside a in-depth technical explanation of the flaw, also noted that the vulnerability has affected more than just browsers, noticed that Apple has patched macOS Ventura to address the flaw with version 13.5.2.
Apple’s Security Engineering and Architecture (SEAR) team and the University of Toronto Munk School’s Citizen Lab are credited with first reporting the bug on September 6th.
Failure to update could result in damage being done to a victim’s machine and even the loss of personal data.
