California: A critical vulnerability in the WebP image format has been exploited by attackers to gain access to users' computers or execute malicious malware.

The vulnerability, which has been classified as "severe" by the National Institute of Standards and Technology (NIST), affects popular browsers and apps, including Google Chrome, Mozilla Firefox, Microsoft Edge, and Brave. 

It also affects Electron-based apps like Signal and Telegram, as well as "cross-platform apps built with Flutter," many Android applications, and other apps like Affinity, Gimp, LibreOffice, and Telegram.

Also Read: Germany's Growing Imports of Russian Oil Pose Challenges to EU's Energy Diversification Goals

The vulnerability stems from a flaw in the code used to render WebP images. WebP is a modern image format that is often used to deliver images over the web because it can offer better compression than traditional formats like JPEG or PNG.

Attackers can exploit the vulnerability by tricking users into opening a malicious WebP image. Once the image is opened, the vulnerability can be used to take control of the user's computer or install malware.

Also Read:  El Chapo’s wife set for prison release

The good news is that the major browsers have already released security patches to address the vulnerability. Users are urged to update their browsers and apps as soon as possible to protect themselves.

In addition to updating their software, users can also take steps to protect themselves from cyberattacks, such as:

Avoiding clicking on suspicious links or downloading attachments from unknown sources.

Keeping their antivirus software up to date.
Using a firewall.

Being careful about what information they share online.

By taking these steps, users can help to protect themselves from the WebP vulnerability and other cyberattacks.

Here are some additional details about the vulnerability:

The vulnerability is a heap buffer overflow in the libwebp library, which is used by many browsers and apps to decode WebP images.

The vulnerability can be exploited by tricking a user into opening a malicious WebP image.

Once the image is opened, the vulnerability can be used to take control of the user's computer or install malware.

The vulnerability has been actively exploited in the wild.

The major browsers have already released security patches to address the vulnerability.

Also Read:  Elon Musk Gives Control of Starlink to Pentagon Amid Security Concerns

Users are urged to update their browsers and apps as soon as possible to protect themselves from this vulnerability