Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.

  • cheese_greater@lemmy.world
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    1 year ago

    What actual like platforms does this affect and to what extent tho? Like Mac (probably not iOS which is WebKit)?

        • towerful@programming.dev
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          1 year ago

          https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability

          Citizen Lab said Blastpass was discovered on the device of an employee with “a Washington DC-based civil society organization” and that it could be mitigated by Apple’s Lockdown Mode. An investigation into the exploit chain continues, but researchers said it involved “PassKit attachments containing malicious images sent from an attacker iMessage account to the victim.”

          Edit:

          Fuck my reading skill (or fuck articles listing multiple high profile CVEs)…
          Blastpass is not the same libwebp CVE (blastpass, the iMessage thing, is CVE-2023-41064. libwebp is CVE-2023-4863 - although that is the chrome one, despite this affecting libwebp not chrome).

          I think the whole situation is very rapidly being researched and it’s all developing.
          So, no idea if lockdown mode would have any effect

            • towerful@programming.dev
              link
              fedilink
              English
              arrow-up
              10
              ·
              edit-2
              1 year ago

              Nah, this bullshit is progress.
              The root of this problem has always existed. Exploits have always been there, mistakes have always been there. These things are fundamentally unavoidable.
              Acknowledging then, documenting them is new. Sensible disclosure is new. Companies paying for these bug bounties before they are publicly disclosed (so they can be fixed) is new.
              And it’s awesome. It’s security. It’s people working together for the betterment of everyone.

              It would be amazing if people didn’t make mistakes. But that isn’t possible.
              Openess, honesty and quickly remedying of issues is possible, and it’s laudable.

              So yeh, next time you get an annoying update that interrupts you’re workflow. Please understand the work and reason behind the update. You can still be pissed at the interruption, but please appreciate the human reason for it.

              Edit: I read “good” as “god”. Idk if that changes anything

              • cheese_greater@lemmy.world
                link
                fedilink
                English
                arrow-up
                6
                ·
                1 year ago

                I def agree with the openess tenor of your reply. People and companies (since companies technically “are” people) need to stop valuing pride over security and safety and all the good stuff of life. Like, just fix the damn cancer, stop trying to hide it and cut off the progrssively more necrotic limbs to save face.

                We don’t disagree on anything, I was perhaps inelegant and non-specific in my invective.

                • towerful@programming.dev
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  since companies technically “are” people

                  This wording is some legal loophole bullshit.
                  I have tried to word something that disagrees with this for 30m. I can’t figure it out.
                  This is bullshit.
                  But this “company is person” tries to re-humanise corporations. I think. Or something.

                  Have some ranting…

                  A company is a group of people working in the interest of themselves.
                  A person is generally working in the interest of themselves.
                  A group of people always has more power than a single person, and thus should be held to a higher standard.

                  It seems like Google is taking this seriously… now (assigning a 10.0. The next highest is an 8.8 for $15k). But it seems like the cve is still assigned to chrome, as opposed to libwebp (where the actual vulnerability is)

                  And while I appreciate the publication - the fact its a 0-day publication (as opposed to “we patched this 6 months ago”) means Google hasn’t taken it seriously previously (or it’s be found exploited in the wild)

    • Th3D3k0y@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      Current Description

      Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

      • cheese_greater@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        By crafter webpage, does it mean it refers to anything like phishing or something a more savvy user wouldn’t likely “fall for” or does that actually not matter (zero-day or whatever)

    • Phen@lemmy.eco.br
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      Discord, slack, MS Teams, Steam, pretty much anything. But most of them have already fixed it so if you let stuff update itself frequently, there’s little risk.

    • GamingChairModel@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Apple also released urgent out-of-band security patches for iOS and MacOS around the same time, and disclosed that it had something to o do with imag processing. Unclear whether they use libwebp or some other implementation, but they disclosed that it was being actively exploited on iPhones.