Critical security flaw in Safari and Google Chrome reportedly uncovered after 18 years: Here's what happened
security flaw could have existed for as long as 18 years, yet it remained undetected by developers until recently. The issue was uncovered by researchers from the Israeli cybersecurity firm Oligo, leading it to be labeled as a "zero-day vulnerability" due to the lack of prior awareness and immediate patching.The exploit, dubbed the "0.0.0.0-day attack" by Oligo AI security researcher Avi Lumelsky, involves malicious websites potentially sending harmful requests through the 0.0.0.0 IP address.
If a user inadvertently clicks on a malicious link, it could enable attackers to gain unauthorized access to sensitive information on their device.Although this flaw primarily impacts individuals and organizations that host their own web servers, the potential scale of compromised systems is significant, and experts emphasize that this security issue should not be underestimated.The report highlights that Apple has responded by announcing plans to block any attempts from websites to exploit the IP address in question. This fix will be included in the upcoming public beta of macOS Sequoia, along with Safari 18, and is expected to be rolled out to macOS Sonoma and macOS Ventura.Meanwhile, Google has yet to make an official statement, but several posts on Chrome Status indicate that the company is aware of the problem and is considering various solutions.
In contrast, Mozilla has not provided any updates on whether it will address the vulnerability in its Firefox browser.As the tech community waits for more information from these companies, the discovery of this vulnerability highlights the ongoing challenges in maintaining the security of widely-used digital platforms. Milestone Alert!
Livemint tops charts as the fastest growing news
