Qatar’s Cyber Chiefs Sound Alarm on Mozilla RCE Bugs

The National Cyber Security Agency in Qatar has issued a warning to Adobe users, urging them to immediately apply patches due to the disclosure of vulnerabilities found in Mozilla’s Firefox and Thunderbird. The agency, however, did not mention other affected browsers.

The vulnerability in question (CVE-2023-4863, CVSS 8.8) is a critical heap buffer overflow in the WebP library that allows remote code execution. It affects three versions of Firefox and two Thunderbird releases. Browsers that support the WebP library, including Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari, are also affected. Just last week, Google warned that the bug had been exploited in the wild as a zero-day before a patch was released. WebP is a technology that enables webmasters and developers to create smaller, visually rich images, thus enhancing the overall user experience.

The Qatari agency took to Twitter to recommend that Mozilla browser users update their software. Surprisingly, the agency did not mention other affected platforms, even though statistics show that Firefox has less than 1% of the browser market share in Qatar, while approximately 70% of users in the country browse the web using Chrome. This peculiar situation might indicate that active attacks specifically targeting Mozilla have been detected in the region. Dark Reading reached out to the agency for further clarification but did not receive an immediate response.

Scott Caveza, a staff research engineer at Tenable, notes that Mozilla’s advisory points out that exploitation in other software has been observed. However, the advisory does not mention any successful attacks against Firefox or Thunderbird. Caveza also confirms that Apple and Google have acknowledged exploitation in the wild. In Apple's case, the vulnerability has reportedly been used by the NSO Group.

In conclusion, users of Adobe software are being urged to promptly apply patches following the discovery of vulnerabilities in Mozilla’s Firefox and Thunderbird. These vulnerabilities, which allow for remote code execution, have impacted various versions of Firefox and Thunderbird. Additionally, other popular browsers that support the WebP library, such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari, are also affected. The Qatari agency’s recommendation specifically for Mozilla users indicates the possibility of active attacks targeting these platforms in the region. As further details emerge, it is crucial for users to remain vigilant and apply necessary patches to protect their systems from potential security breaches.
