A dangerous zero day vulnerability has been found in Chrome and

A dangerous zero-day vulnerability has been found in Chrome and Firefox that hackers are already exploiting

Google Approved “Emergency update for the Google Chrome browser number 117.0.5938.132 for Windows, macOS and Linux operating systems, which is intended to resolve a critical zero-day vulnerability with the identifier CVE-2023-5217 that leads to a buffer overflow in VP8 codec.” in the libvpx library. Hackers are already exploiting this vulnerability.

    Image source: Pixabay

Image source: Pixabay

According to Google security research, the vulnerability is related to the popular media encoding system for the open WebM file format, which Google helped develop. This can leave a wide range of programs vulnerable to attacks, from Chrome and Firefox to Skype and VLC, on virtually all major operating systems, as well as programs associated with hardware from AMD, NVIDIA and Logitech.

Ars Technica reported that Mozilla has already confirmed that the Firefox browser has the same vulnerability, noting that the VP8 WebM format is used in so many software programs around the world that it could become a serious problem. It should be noted that an update has already been released Firefox 118.0.1which fixed the vulnerability CVE-2023-5217.

As the resource stated PC worldThis particular vulnerability appears to only exist when media files are encoded rather than decoded, so the list of affected programs may not necessarily include all programs that use the libvpx library.

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment