Update Your Browsers Now

Browsing the Internet nowadays puts you at risk of being hacked. And it’s not just that the Internet is a risky place: a new security vulnerability has been discovered that allows attackers to break into your computer, potentially allowing them to install malware, steal data and even take over your computer.

As reported by Stack Diary , the issue is related to a vulnerability in WebP, a common image codec used on the Internet. This vulnerability is due to a “heap-based buffer overflow” which, in layman’s terms, allows an attacker to overwrite the data on your computer with whatever they want. They exploit this vulnerability by creating a malicious WebP image that, once you view it, can potentially scrape your data, install malware on your computer, or completely take over your system.

Since this codec is widely used, its discovery affected many programs. These include Electron-based applications, including Signal and 1Password, as well as other applications that use the lbwebp library, including Affinity, Gimp, Inkscape, LibreOffice, Telegram, Thunderbird and ffmpeg. Stack Diary confirms that this will also impact many Android apps, in addition to apps built using Flutter.

However, perhaps the most dangerous applications affected by this vulnerability are web browsers. If you use Safari, Chrome, Firefox, Brave, Microsoft Edge, and even Tor, your browser is at risk of this WebP issue.

Fortunately, all of these major browsers have released security patches in the time since this vulnerability was discovered. Apple, for example, released security updates for all currently supported devices last week, followed by security patches for older devices on Monday to fix the problem. If you have an Apple device and have not yet updated the software to the latest version, do so as soon as possible.

Here are the software version numbers for other major browsers:

  • Chrome : 116.0.5846.187 (Mac and Linux), 116.0.5845.187/.188 (Windows)
  • Mozilla : Firefox 117.0.1, Firefox ESR 102.15.1, Firefox ESR 115.2.1.
  • Region : 116.0.1938.81
  • Brave : 1.57.64

If you are using any of the other browsers mentioned in this article, be sure to update it as soon as possible. Although some of them update automatically, it may take some time, so it is better to update manually. For example, to update Chrome, click the three dots in the top-right corner of the window, choose Help > About Google Chrome , then allow Chrome to check for the latest updates. When it’s ready, click Restart to install it.

Also, keep an eye on software updates available for your apps and install them quickly. 1Password currently has a fix, as did other apps at one time.

More…

Leave a Reply