A important zero-day vulnerability Google reported on Wednesday in its Chrome browser is opening the Web to a brand new chapter of Groundhog Day.
Like a important zero-day Google disclosed on September 11, the brand new exploited vulnerability doesn’t have an effect on simply Chrome. Already, Mozilla has stated that its Firefox browser is weak to the identical bug, which is tracked as CVE-2023-5217. And identical to CVE-2023-4863 from 17 days in the past, the brand new one resides in a broadly used code library for processing media information, particularly these within the VP8 format.
Pages right here and right here record a whole lot of packages for Ubuntu and Debian alone that depend on the library referred to as libvpx. Most browsers use it, and the record of software program or distributors supporting it reads like a who’s who of the Web, together with Skype, Adobe, VLC, and Android.
Learn 7 remaining paragraphs | Feedback