Better update your Google, Mozilla, Microsoft, and Brave browsers

Google, Mozilla, Microsoft, and Brave have released critical security patches. This is reported by Stack Diary.

The fixes address the CVE-2023-4863 vulnerability, which could be exploited by remote attackers to gain access to or run malicious code on users’ computers.

The vulnerability was found in the libwebpm library, which is responsible for processing WebP images. The National Institute of Standards and Technology (NIST) classified it as serious. The vulnerability has reportedly been actively exploited.

Fixes are provided in the following versions of the products:

– Google: Chrome 116.0.5846.187 (Mac/Linux); Chrome 116.0.5845.187/.188 (Windows);

– Mozilla: Firefox 117.0.1; Firefox ESR 102.15.1; Firefox ESR 115.2.1; Thunderbird 102.15.1; Thunderbird 115.2.2;

– Microsoft: Edge 116.0.1938.81;

– Brave: Brave Browser 1.57.64;

Stack Diary emphasizes that Electron-based applications such as Signal and Honeyview have also released patches to fix the problem. Meanwhile, the list of affected apps includes Affinity, Gimp, LibreOffice, Telegram, and others, including cross-platform apps built with Flutter.