Showing only posts tagged libwebp. Show all posts.

A new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day

Source

Enlarge (credit: Getty Images) A critical zero-day vulnerability Google reported on Wednesday in its Chrome browser is opening the Internet to a new chapter of Groundhog Day. Like a critical zero-day Google disclosed on September 11, the new exploited vulnerability doesn’t affect just Chrome. Already, Mozilla has said …

Google quietly corrects previously submitted disclosure for critical webp 0-day

Source

Enlarge (credit: Getty Images) Google has quietly resubmitted a disclosure of a critical code-execution vulnerability affecting thousands of individual apps and software frameworks after its previous submission left readers with the mistaken impression that the threat affected only the Chrome browser. The vulnerability originates in the libwebp code library …

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Source

Enlarge (credit: Getty Images) Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s causing a large number of offerings from other developers to go unpatched, researchers said Thursday. Two weeks ago …