Showing only posts tagged WebP. Show all posts.

Google quietly corrects previously submitted disclosure for critical webp 0-day

Source

Enlarge (credit: Getty Images) Google has quietly resubmitted a disclosure of a critical code-execution vulnerability affecting thousands of individual apps and software frameworks after its previous submission left readers with the mistaken impression that the threat affected only the Chrome browser. The vulnerability originates in the libwebp code library …

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Source

Enlarge (credit: Getty Images) Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s causing a large number of offerings from other developers to go unpatched, researchers said Thursday. Two weeks ago …