Apple Security Advisory 09-26-2023-2 - macOS Sonoma 14 addresses buffer overflow, bypass, code execution, out of bounds read, resource exhaustion, spoofing, and use-after-free vulnerabilities.

Apple Security Advisory 09-26-2023-2

Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.

WHAT'S HERE:

This source distribution includes the vorbis-tools and nothing else.
The audio codec libraries for use with Ogg bitstreams are contained in
other modules: vorbis, speex and flac.


DIRECTORIES:

debian/		debian packaging stuff
include/	header files shared between the tools
intl/		GNU gettext library from gettext-0.10.40 (for i18n support)
ogg123/		an ogg vorbis command line audio player
oggenc/		the ogg vorbis encoder
oggdec/		a simple, portable command line decoder (to wav and raw)
ogginfo/	provides information (tags, bitrate, length, etc.) about
		an ogg vorbis file
po/		translations for non-English languages
share/		code shared between the tools
vcut/		cuts an ogg vorbis file into two parts at a particular point
vorbiscomment/	edits the comments in an ogg vorbis file
win32/		Win32 build stuff


DEPENDENCIES:

All of the tools require libogg and libvorbis to be installed (along
with the header files).  Additionally, ogg123 requires libao, libcurl,
and a POSIX-compatible thread library.  Ogg123 can optionally compiled
to use libFLAC, and libspeex.  Oggenc can be optionally compiled with
libFLAC, and libkate.  The libraries libogg, libvorbis, and libao are
all available at
  https://xiph.org/vorbis/

The libcurl library is packaged with most Linux distributions.  The
source code can also be downloaded from:
  http://curl.haxx.se/libcurl/

FLAC is available at:
  https://xiph.org/flac/

Speex is available at:
  https://www.speex.org/

libkate is available at:
  http://libkate.googlecode.com/

CONTACT:

The Ogg Vorbis homepage is located at 'https://xiph.org/vorbis/'. Up to
date technical documents, contact information, source code and
pre-built utilities may be found there.

Developer information is available from http://www.xiph.org/. Check
there for bug reporting information, mailing lists and other resources.


BUILDING FROM SUBVERSION (see the file HACKING for details):

./autogen.sh
make 

and as root if desired :

make install

This will install the tools into /usr/local/bin and manpages into
/usr/local/man.


BUILDING FROM TARBALL DISTRIBUTIONS:

./configure
make

and as root if desired :

make install

BUILDING RPMS:

RPMs may be built by:

after autogen.sh or configure

make dist
rpm -ta vorbis-tools-<version>.tar.gz


KNOWN BUGS:

#1321
  First noticed in non-English versions of the application, ogg123 has a major
  bug when it comes to status messages in the shell: any output bigger than
  the console's width will break and start spamming that message infinitely
  until the console is resized.

  Different attempts to fix this bug have ended up causing bigger problems,
  leading to the conclusion that it simply can't be fixed without a large
  re-write of the application, which will not happen any time soon.  If you
  come across this issue, please augment your terminal window size.

CVE-2023-43361: GitHub - xiph/vorbis-tools: Command-line tools for creating and playing Ogg Vorbis files.

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969.

CVE-2023-5344

Buffer Overflow vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter.

CVE-2023-37605

Debian Linux Security Advisory 5510-1 - Clement Lecigne discovered a heap-based buffer overflow in libvpx, a multimedia library for the VP8 and VP9 video codecs, which may result in the execution of arbitrary code if a specially crafted VP8 media stream is processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5510-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoSeptember 29, 2023                    https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libvpxCVE ID         : CVE-2023-5217Debian Bug     : 1053182Clement Lecigne discovered a heap-based buffer overflow in libvpx, amultimedia library for the VP8 and VP9 video codecs, which may result inthe execution of arbitrary code if a specially crafted VP8 media streamis processed.For the oldstable distribution (bullseye), this problem has been fixedin version 1.9.0-1+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.12.0-1+deb12u1.We recommend that you upgrade your libvpx packages.For the detailed security status of libvpx please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/libvpxFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUXPQxfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0RFDA/9GmZkMOfqEBNeItASvUeQAbPu9w7hh/Ah/Ox9gSFZMvD5QmGTs6Zp8lZYTmOKS2Ls1rgQnfM/c+dm6Le4H9e+EtGYvLI0P6KjIk3T+rA+55os3WoUE99KJsZrj0AZM0jsmaQVuV1MbJIJSGo6a49qRkSIF4eS7/rws8xImu73EgcPQiWep70kF8/idqnYYqFEKJwT3Oxp2h4zYLM8Jqt8ji4caTHle20rcQ1tdOBCcqDWH87aNk1kqhWELe281K7sDVYlpyIGSZRsvHbTusESlvp+92sRIQPRDdpMMkSgACBDcHpfCHiJDofDDn+6Z4zA5XRxHOKlHvYvrg9lDSA1eu9V7oaR2YoBRfIcwd4HxB535FjJRNDGtt+0thJnuv+zjiA2yK/GTBju52q+96qGcXhPrGOZiQeth4SdxVnK3FKc3lB6HbMgs4ZERZNhs7AJ4I7pnyX6d8Zux3kPjejrdvBOFT8L+gNYzYn0tkcKHdpK2Xj0OMKboDLFxw26i8GgNb9RUht6Seb1dk2bnel2fJ+rqgxkltpVuTIFjQ942YtHm/a9xj6FLK3D6CtX1masIZ53uo51k2qWAGJWUqovasIQQHBUeOHgFHw+lHNHNlSsiblu6xc9y4B42vpozR449Q3volOr7t7oWv/pmsqrd48ByYXj7NESzD/bm4uOo9E==NrxQ-----END PGP SIGNATURE-----

Debian Security Advisory 5510-1

Debian Linux Security Advisory 5509-1 - A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5509-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffSeptember 29, 2023                    https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : firefox-esrCVE ID         : CVE-2023-5217A buffer overflow in VP8 media stream processing has been found in theMozilla Firefox web browser, which could potentially result in theexecution of arbitrary code.For the oldstable distribution (bullseye), this problem has been fixedin version 115.3.1esr-1~deb11u1.For the stable distribution (bookworm), this problem will be fixedvia the libvpx source package, Firefox ESR in Bookworm links dynamicallyagainst libvpx.We recommend that you upgrade your firefox-esr packages.For the detailed security status of firefox-esr please refer toits security tracker page at:https://security-tracker.debian.org/tracker/firefox-esrFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmUXDYAACgkQEMKTtsN8TjbJSRAAsv7xfSOoUGua0jPwrm84IUtEhshl1L3KhatogD2HbIIVZzDOBjcpR4oQwXGtLUjJJTnwZPwey9tNQQAzIBtPA+u/0Eow2eeUyqtUSEIqBUImdMH6m8GYqQ+ZuGdyvSa+IvbffJqPf4LzzCIZoxo9qQyz6F6K0xQ6c0kv2CCRYpDQHAgP4/E/VNfdOGhoTYhgRinAjeVY/I91hxfYm4783EMoc7L7vXgjOWxXNiPllmAIddCKlIdtgW02fq0lsqOljRfPYsAbc9xe1aVZlCVi+6nJj/jDxhqENn4XLAVJYdZr6W8hevQLADGuwzrTyACeusDaSHdW64X15TDnY8z5wOP/Vj4T9CpRhkQ396fn1eq+x4HF/iUim4ofpDBtb1xa/jAT+OuejqATdku8XvNzZ4l6KkJ7PuotMHvIXxsduNtesPmPUvFWeprCumojh6SbVhlf8YnM6c0c6spMyp3nKqHS59vDkzhKYbz50eFnNw0/q3OvZHndXZOiEjMxCR2GcElaejC8MAei4NuZm57VM5sfSqAUOCOZ1RJNRwsP6HkohmKNfklryjDjBMNudjRuPjVYX6d3Qoi1krDszjvRa+ui6ZljoKrKQFLg2SDEhbxt9akey/ZBr1lqEYNj6QubPNMlkVHYySVcv+IsEK2yww2S9CmCifLrKbNeOoE9o6I==CrEb-----END PGP SIGNATURE-----

Debian Security Advisory 5509-1

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.

**OptiPNG: Advanced PNG Optimizer**

**OptiPNG** is a PNG optimizer that recompresses image files to a smaller size, without losing any information. This program also converts external formats (BMP, GIF, PNM and TIFF) to optimized PNG, and performs PNG integrity checks and corrections.  
If you wish to learn how PNG optimization works, or to know about other similar tools, see the PNG-Tech article _A guide to PNG optimization_.

**IMPORTANT UPGRADE**  
_See the **Security Information** section below._

**Download**

*   **OptiPNG 0.7.7** (stable)  
    
*   **OptiPNG Hg** (experimental development, **DISCONTINUED**)  
    

**Security information**

You are **strongly encouraged** to upgrade to the latest version **0.7.7**.

Here is a list security-sensitive issues that affect the previous versions:

*   Joonun Jang reported a buffer overflow vulnerability in the GIF decoder, discovered by a fuzzer developed by the SoftSec group at KAIST. All versions prior to **0.7.7** that support GIF files (i.e. from version **0.5** to version **0.7.6**) are affected.
    
*   Jaeseung Choi reported an integer overflow vulnerability in the TIFF decoder. All versions prior to **0.7.7** that support TIFF files (i.e. from version **0.5.3** to version **0.7.6**) are affected.
    
*   Henri Salo and Hans Jerry Illikainen reported two vulnerabilities in the compressed BMP decoder, discovered by using the American Fuzzy Lop. All versions prior to **0.7.6** that support compressed BMP files (i.e. from version **0.6** to version **0.7.5**) are affected.
    
*   Gynvael Coldwind and Mateusz Jurczyk reported a use-after-free vulnerability in the palette reduction code, affecting the versions **0.7**, **0.7.1** and **0.7.2**, partially fixed in version **0.7.3**, and fully fixed in version **0.7.4**.

CVE-2023-43907: OptiPNG Home Page

Plus: Mozilla patches 10 Firefox bugs, Cisco fixes a vulnerability with a rare maximum severity score, and SAP releases updates to stamp out three highly critical flaws.

Fall is here, but hot zero-day summer shows no signs of cooling down, with the likes of Apple, Microsoft, and Google fixing flaws being used in real-life attacks.

Some major enterprise fixes were released during the month, including a Cisco patch for a vulnerability with a maximum CVSS score of 10.

Spyware has been a prominent trend over the past couple of months, and it’s a threat everyone should take seriously. Attacks can reach devices without any interaction from the user, so it’s important to keep your operating system up to date.

Here’s everything you need to know about the patches issued in September.

Apple iOS and iPad OS

Apple didn’t release any security updates in August, but the iPhone maker sure made up for it in September. First came iOS 16.6.1, an emergency security update released on September 9 to fix two flaws already being used in so-called “zero-click” attacks.

Reported by researchers at the University of Toronto’s Citizen Lab, the vulnerabilities were used to plant spyware via attachments containing malicious images in an iMessage, in an attack the researchers called BLASTPASS.

In mid-September, Apple released its major software upgrade, iOS 17, followed by iOS 17.0.1 a few days later. The surprise iOS 17.0.1 upgrade was important because it fixed another three iPhone flaws being used in spyware attacks.

Tracked as CVE-2023-41992 and reported by security researchers at Citizen Lab and Google, the first issue is a flaw in the kernel that could allow an attacker to escalate privileges. The other two vulnerabilities in WebKit and Security could potentially be chained together to take over a user’s device.

The flaws patched in iOS 17.0.1 were also fixed in the iOS 16.7 release for users of older iPhones or people who don’t want to upgrade to the latest software.

At the end of September, Apple released iOS 17.0.2 to fix some early iOS 17 bugs, and this is the latest version of the software, as of publication.

Apple has also released macOS Sonoma 14 to fix over 60 vulnerabilities.

Google Android

September was a big security month for Google’s Android users, with the monthly patch fixing 33 flaws, including one already being used in attacks. Tracked as CVE-2023-35674, the vulnerability in the framework could allow an adversary to elevate privileges without any interaction from the user. “There are indications that CVE-2023-35674 may be under limited, targeted exploitation,” Google said in its Android Security Bulletin.

Another severe issue is a critical security vulnerability in the system component that could lead to remote code execution with no additional execution privileges needed.

The Android security update has already reached Google’s own Pixel devices as well as Samsung devices, including the Galaxy S23 and S22 series.

Google Chrome

At the end of September, Google updated its Chrome browser after fixing 10 vulnerabilities, one of which was already being exploited by adversaries. Tracked as CVE-2023-5217 and rated as having a high impact, the already-exploited bug is a heap buffer overflow flaw in vp8 encoding in libvpx. “Google is aware that an exploit for CVE-2023-5217 exists in the wild,” the software giant said in an advisory.

The flaw was used in targeted spyware attacks, Google security researcher Maddie Stone later confirmed on Twitter.

Earlier in the month, Google fixed another zero-day flaw, a heap buffer overflow issue initially tracked as CVE-2023-4863, which it thought impacted only the Chrome browser. But two weeks after fixing the issue, researchers discovered it was worse than they thought, affecting the widely-used libwebp image library for rendering images in the WebP format.

Now tracked as CVE-2023-5129, it is thought the bug impacts every application that uses the libwebp library to process WebP images. “The scope of this vulnerability is much wider than initially assumed, affecting millions of different applications worldwide,” security firm Rezilion wrote in a blog.

The security outfit also thinks it is “highly likely” that the underlying issue in the libwebp library is the same issue resulting in CVE-2023-41064—one of the Apple flaws used as part of the BLASTPASS exploit chain to deploy the NSO Group’s Pegasus spyware.

Microsoft

Microsoft’s September Patch Tuesday is one to remember, as it fixed around 65 flaws, two of which are already being exploited by attackers. Tracked as CVE-2023-36761, the first is a Microsoft Word information disclosure vulnerability that could allow NTLM hashes to be exposed.

The second and most severe flaw is a privilege-escalation vulnerability in Microsoft Streaming Service Proxy tracked as CVE-2023-36802. An attacker who successfully exploited this vulnerability could gain system privileges, Microsoft said, adding that exploitation of the flaw has been detected.

Both flaws are marked as important, so it’s a good idea to update your devices as soon as you can.

Mozilla Firefox

Firefox has had a hectic month after Mozilla fixed 10 flaws in its privacy-conscious browser. CVE-2023-5168 is an out-of-bounds write bug in FilterNodeD2D1 affecting Firefox on Windows, rated as having a high impact.

CVE-2023-5170 is a flaw that could result in memory leak from a privileged process. This could be used to effect a sandbox escape if the correct data was leaked, Firefox owner Mozilla said in an advisory.

Meanwhile, CVE-2023-5176 covers memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. “Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code,” Mozilla said.

Cisco

At the start of the month, Cisco issued a patch for a vulnerability in the single sign-on implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform that could allow an unauthenticated, remote attacker to forge credentials to access an affected system. Tracked as CVE-2023-20238, the flaw has been given a maximum CVSS score of 10.

Also this month, Cisco patched a zero-day in Adaptive Security Appliance and Firepower Threat Defense software already exploited in Akira ransomware attacks. Tracked as CVE-2023-20269 and with a medium severity CVSS score of 5, the vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute-force attack to identify valid username and password combinations.

SAP

Enterprise software firm SAP has issued several important fixes as part of its September Security Patch Day. This includes a patch for CVE-2023-40622, an information disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform with a CVSS score of 9.9. “A successful exploit provides information that can be used in subsequent attacks, leading to a complete compromise of the application,” security firm Onapsis said.

CVE-2023-40309 is a missing authorization check issue in SAP CommonCryptoLib with a CVSS score of 9.8. The flaw can result in an escalation of privileges and in the worst case, attackers can compromise the affected application completely, Onapsis said.

Meanwhile, CVE-2023-42472 is an insufficient file type validation flaw in SAP BusinessObjects Business Intelligence Platform with a CVSS score of 8.7.

Apple, Microsoft, and Google Just Fixed Multiple Zero-Day Flaws

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution.
The list of flaws, which were reported anonymously way back in June 2022, is as follows -

CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

Email Security / Hacking News

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution.

The list of flaws, which were reported anonymously way back in June 2022, is as follows -

*   **CVE-2023-42114** (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
*   **CVE-2023-42115** (CVSS score: 9.8) - Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
*   **CVE-2023-42116** (CVSS score: 8.1) - Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
*   **CVE-2023-42117** (CVSS score: 8.1) - Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability
*   **CVE-2023-42118** (CVSS score: 7.5) - Exim libspf2 Integer Underflow Remote Code Execution Vulnerability
*   **CVE-2023-42119** (CVSS score: 3.1) - Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability

The most severe of the vulnerabilities is CVE-2023-42115, which allows remote, unauthenticated attackers to execute arbitrary code on affected installations of Exim.

"The specific flaw exists within the SMTP service, which listens on TCP port 25 by default," the Zero Day Initiative said in an alert published this week.

"The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account."

Exim maintainers, in a message shared on the Open Source Security mailing list oss-security, said fixes for CVE-2023-42114, CVE-2023-42115, and CVE-2023-42116 are "available in a protected repository and are ready to be applied by the distribution maintainers."

"The remaining issues are debatable or miss information we need to fix them," adding it asked ZDI more specifics about the issues and that it "didn't get answers we were able to work with" until May 2023. The Exim team further said they are awaiting detailed specifics on the other three shortcomings.

However, the ZDI pushed back against claims about "sloppy handling" and "neither team pinging the other for 10 months," stating it reached out several times to the developers.

"After our disclosure timeline was exceeded by many months, we notified the maintainer of our intent to publicly disclose these bugs, at which time we were told, 'you do what you do,'" it said.

"If these bugs have been appropriately addressed, we will update our advisories with a link to the security advisory, code check-in, or other public documentation closing the issue."

In the absence of patches, the ZDI recommends restricting interaction with the application as the only "salient" mitigation strategy.

This is not the first time security flaws have been uncovered in the widely used mail transfer agent. In May 2021, Qualys disclosed a set of 21 vulnerabilities collectively tracked as 21Nails that enable unauthenticated attackers to achieve complete remote code execution and gain root privileges.

UPCOMING WEBINAR

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

Previously in May 2020, the U.S. government reported that hackers affiliated with Sandworm, a state-sponsored group from Russia, had been exploiting a critical Exim vulnerability (CVE-2019-10149, CVSS score: 9.8) to penetrate sensitive networks.

The development also comes hot on the heels of a new study by researchers from the University of California San Diego that discovered a novel technique called forwarding-based spoofing which takes advantage of weaknesses in email forwarding to send messages impersonating legitimate entities, thereby compromising on integrity.

"The original protocol used to check the authenticity of an email implicitly assumes that each organization operates its own mailing infrastructure, with specific IP addresses not used by other domains," the research found.

"But today, many organizations outsource their email infrastructure to Gmail and Outlook. As a result, thousands of domains have delegated the right to send email on their behalf to the same third party. While these third-party providers validate that their users only send email on behalf of domains that they operate, this protection can be bypassed by email forwarding."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

By Waqas
The vulnerability was reported by Clément Lecigne of Google's Threat Analysis Group (TAG).
This is a post from HackRead.com Read the original post: Mozilla Rushes to Fix Critical Vulnerability in Firefox and Thunderbird

Mozilla Foundation strongly advises all users of these products to update to the latest versions to ensure their systems are protected against this critical security vulnerability.

Mozilla Foundation has released critical security updates for its web browser, Firefox, as well as its email client, Thunderbird, in response to a significant security vulnerability. This vulnerability, identified as CVE-2023-5217, could potentially allow attackers to execute malicious code on the affected system.

This is the same critical vulnerability for which Google released urgent security patches for the Chrome browser on September 28th, 2023. These patches are designed to protect users from potential spyware attacks.

****The Vulnerability****

The security flaw, reported by Clément Lecigne of Google’s Threat Analysis Group, centers around a heap buffer overflow in libvpx, a critical component of the Firefox web browser. This vulnerability is particularly concerning as it involves the specific handling of an attacker-controlled VP8 media stream. If successfully exploited, it could lead to a heap buffer overflow within the content process, which could, in turn, enable attackers to execute arbitrary code.

****Severity****

Mozilla has classified this vulnerability as **critical**, indicating the seriousness of the threat it poses. Moreover, the foundation has acknowledged that this issue has been actively exploited in other products in the wild, underlining the urgency of addressing it.

****Affected Products and Fixes****

The security update is applicable to several Mozilla products, including:

*   **Firefox**: The vulnerability has been addressed in Firefox version **118.0.1**.
*   **Firefox ESR (Extended Support Release)**: The fix is available in Firefox ESR version **115.3.1**.
*   **Firefox Focus for Android**: Users can secure their browsing experience by updating to version **118.1.0**.
*   **Firefox for Android**: The vulnerability has been patched in Firefox for Android version **118.1.0**.
*   **Thunderbird**: Users of the Thunderbird email client can protect their communications by updating to version **115.3.1**.

Mozilla Foundation strongly advises all users of these products to update to the latest versions to ensure their systems are protected against this critical security vulnerability.

****Action Required****

To safeguard your web browsing and email communication, it is highly recommended that you promptly update your Firefox browser and Thunderbird email client to the versions specified above. Regularly keeping your software up to date is a fundamental best practice for online security.

For more detailed information on this security vulnerability, you can refer to the official **CVE-2023-5217** records and Mozilla’s bug reports at the following links:

*   Mozilla Bug Report
*   Chromium Bug Report

****_RELATED ARTICLES_****

1.  Google reveals spyware attack on Android, iOS, and Chrome
2.  Israeli Spyware Vendor Uses Chrome 0day to Target Journalists
3.  Fake Chrome Browser Update Installs NetSupport Manager RAT
4.  Mozilla releases Firefox 86 equipped with ‘Total Cookie Protection’
5.  Hackers using malicious Firefox extension to phish Gmail credentials

Tag

#buffer_overflow