Google, Mozilla, Microsoft, and Brave have each issued critical security patches, reports Stack Diary. The patches address a vulnerability that an attacker could use to gain access to or run malicious code on your computer, and the companies acknowledge it’s been actively exploited in the wild. NIST classifies the vulnerability as severe. Other companies’ applications are affected — the vulnerability is linked to code used to render WebP images, which are widely used.
A software vulnerability could give hackers easy access to your computer. Major browser makers have fixed it, but the problem is more widespread than that.
The software version numbers containing the fix are below.
- Google: Chrome version 116.0.5846.187 (Mac / Linux); Chrome version 116.0.5845.187/.188 (Windows)
- Mozilla: Firefox 117.0.1; Firefox ESR 102.15.1; Firefox ESR 115.2.1; Thunderbird 102.15.1; Thunderbird 115.2.2
- Microsoft: Edge version 116.0.1938.81
- Brave: Brave Browser version 1.57.64
Stack Diary mentioned that Electron-based apps like encrypted-messaging app Signal and Bandisoft’s Honeyview have also released patches for the issue. Other apps, like Affinity, Gimp, LibreOffice, Telegram, many Android applications, and “cross-platform apps built with Flutter” are likewise affected, according to the site.
Apple also released a security patch this week for what appears to be the same issue, though it references a different issue number on the NIST site.
- Kaos, aum and irukanjji
- 3
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.