Zero-day affecting Chrome, Firefox and Thunderbird patched

Flaw, under active attack, is a weakness in WebP

John Leonard
clock • 1 min read
Zero-day affecting Chrome, Firefox and Thunderbird patched

Mozilla on Tuesday patched an actively exploited zero-day bug affecting the Firefox browser and Thunderbird email client.

The bug is tracked as CVE-2023-4863. It is a heap buffer overflow flaw in the WebP image format that could be used by a remote attacker to perform an out-of-bounds memory write via a crafted HTML p...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Cloud big three sign open letter urging datacentre kit suppliers to step up

Green

Embodied carbon emissions are the focus

clock 18 July 2024 • 4 min read
Apple takes aim at rivals in new privacy-focused ad campaign

Privacy

New ad shows smartphone users swarmed by birds and bats, depicting intrusive security cameras

clock 18 July 2024 • 2 min read
Indian antitrust regulator finds Apple's App Store abuses market power

Law

Latest in a line of global antitrust regulation against Apple

clock 14 July 2024 • 3 min read

More on Threats and Risks

SolarWinds patches eight critical flaws in Access Rights Manager software

SolarWinds patches eight critical flaws in Access Rights Manager software

Disclosure raises fresh security concerns

clock 21 July 2024 • 3 min read
Cisco patches critical flaw in Secure Email Gateway appliances

Cisco patches critical flaw in Secure Email Gateway appliances

Patch devices immediately

clock 19 July 2024 • 3 min read
Nearly 7% of all internet traffic is malicious, says Cloudflare

Nearly 7% of all internet traffic is malicious, says Cloudflare

Volume and scale of DDoS attacks ‘vast’

Penny Horwood
clock 17 July 2024 • 2 min read