Your browser needs an urgent security update

Your browser needs an urgent security update

Share this article

Browsing the web is like navigating the high seas: it's vast and exciting, but sometimes you might encounter a storm. And this is precisely what’s currently happening in the digital world: 

A critical vulnerability in major web browsers has been discovered (and patched!) 

What you need to know

Putting millions of computers and systems at risk, the vulnerability known as CVE-2023-4863 caused a stir and forced all major web browsers’ players to quickly find a patch. The silver lining? There is a simple way to patch it and it’s available already. But you must do so promptly. Let's dive into what this means for you and how to patch it in order to continue your online activities safely. 🚀🔒

What’s the issue

The vulnerability allows attackers to access your web browser or even remotely run malicious code on a user's computer. That’s disturbing! And this vulnerability has been actively exploited in real-world scenarios. Rated as 'severe' by NIST, the flaw is not limited to just these browsers. The root of the problem lies in the code associated with rendering WebP images, a format extensively used across the web.

Leading browser developers, including Google Chrome, Mozilla, Microsoft, and Brave, have all released crucial security patches to counteract this vulnerability. 

What you need to do now

If you recently updated your browser or app to the latest version, your browser has been patched and protected against this vulnerability. If you’re not sure, below are the latest software versions that include the fix:

  • Apple Safari: Update all Apple devices to iOS 17
  • Google Chrome:
    • Mac / Linux: Version 116.0.5846.187
    • Windows: Version 116.0.5845.187/.188
  • Mozilla:
    • Firefox: Version 117.0.1
    • Firefox ESR: Version 102.15.1 and 115.2.1
    • Thunderbird: Version 102.15.1 and 115.2.2
  • Microsoft Edge: Version 116.0.1938.81
  • Brave Browser: Version 1.57.64

Make sure your browser matches or exceeds these versions. If it’s not the case, update immediately to the latest version. 

An impact beyond browsers

The vulnerability doesn't stop at browsers. Apple also rolled out a security update seemingly addressing the same concern. Many other software applications and platforms have been affected: Electron-based apps such as the encrypted messaging app Signal and Bandisoft’s Honeyview, other applications like Affinity, Gimp, LibreOffice, Telegram, numerous Android applications, and even those built with the Flutter framework.

The last word

To our valued clients, at the risk of repeating ourselves here, we urge everyone to take these updates seriously and implement them without delay. Once this is done, it’s best practice to regularly check for software updates and follow trusted tech news sources. And don’t hesitate to spread the word. Inform colleagues, friends, and family about this vulnerability and encourage them to update their software.

Stay safe in the digital world!

Back
Share this article Facebook Twitter LinkedIn By Email
About the author: Marie-Eve Petit

Marie-Eve is WHC’s Marketing Manager and a true word nerd. She loves keeping busy creating content, writing blogs or conversion copy. She also spends way too much time on Twitter and enjoys meditating with a Spritz in hand.

See all articles from this author Interested in writing for Web Hosting Canada?
Web Hosting Canada manages fast and reliable online infrastructure with 24/7 support. Learn more about WHC