UPDATE YOUR BROWSERS IMMEDIATELY. RCE VULNERABILITY DISCOVERED
nvd.nist.gov
Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.
You are viewing a single comment
Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.
This wording is some legal loophole bullshit.
I have tried to word something that disagrees with this for 30m. I can't figure it out.
This is bullshit.
But this "company is person" tries to re-humanise corporations. I think. Or something.
Have some ranting....
A company is a group of people working in the interest of themselves.
A person is generally working in the interest of themselves.
A group of people always has more power than a single person, and thus should be held to a higher standard.
It seems like Google is taking this seriously... now (assigning a 10.0. The next highest is an 8.8 for $15k). But it seems like the cve is still assigned to chrome, as opposed to libwebp (where the actual vulnerability is)
And while I appreciate the publication - the fact its a 0-day publication (as opposed to "we patched this 6 months ago") means Google hasn't taken it seriously previously (or it's be found exploited in the wild)