In a collective effort to safeguard users against a critical security vulnerability, tech giants Google, Mozilla, Microsoft, and Brave have released crucial security patches, according to a report from Stack Diary. This vulnerability, classified as severe by the National Institute of Standards and Technology (NIST), has been actively exploited in the wild and poses a significant risk to users’ data and privacy.
The vulnerability in question is associated with the code used to render WebP images, which are widely used across various applications and platforms. An attacker could potentially exploit this vulnerability to gain unauthorized access to users’ systems or execute malicious code on their computers, making it a matter of utmost concern.
Here are the software versions containing the security fixes:
Chrome version 116.0.5846.187 (Mac / Linux)
Chrome version 116.0.5845.187/.188 (Windows)
Firefox 117.0.1
Firefox ESR 102.15.1
Firefox ESR 115.2.1
Thunderbird 102.15.1
Thunderbird 115.2.2
Edge version 116.0.1938.81
Brave Browser version 1.57.64
Furthermore, Stack Diary noted that Electron-based applications, such as the encrypted-messaging app Signal and Bandisoft’s Honeyview, have also issued patches to address this critical vulnerability. Several other applications have been affected by this security issue, including Affinity, Gimp, LibreOffice, Telegram, numerous Android applications, and “cross-platform apps built with Flutter,” as reported by the site.
In a related development, Apple has also taken action to address what seems to be a similar issue by releasing a security patch this week. However, it is worth noting that Apple’s patch references a different issue number on the NIST site, indicating that it may have been a separate but related security concern.
Users are strongly urged to update their software to the mentioned versions promptly to mitigate the risks associated with this critical security vulnerability. Regularly updating your software is a fundamental step in ensuring the security and integrity of your digital environment. Stay safe, stay secure.