A zero-day flaw using the 0.0.0.0 IP address
Scoop News Group ☛ Researchers find decades-old vulnerability in major web browsers
The flaw, called ‘0.0.0.0 day,’ has to do with how browsers handle network requests.
-
PC Mag ☛ Zero-Day IP Address Exploit Lets Hackers Attack Mac, Linux Computers
A zero-day flaw using the 0.0.0.0 IP address has seen a spike in use and been exploited by hackers in recent months, potentially putting users of major web browsers like Safari, Chrome, and Firefox on macOS or Linux at risk, a new report reveals.
-
Hacker News ☛ 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks.
-
Laptop Magazine ☛ An 18-year-old browser exploit leaves MacBooks and Linux laptops vulnerable — but a fix is coming
Sometimes, we've seen big companies take up to a few months to fix a glaring bug, risk, or other issue within an OS or a browser, but usually, issues are fixed within days or weeks. However, a vulnerability recently brought up by Oligo Security has gone without a fix for much longer: 18 years.
Update
A couple more:
-
Major browser providers scramble to patch an 18-year-old vulnerability affecting MacOS and Linux systems but Windows remains gloriously immune
We Windows users are sometimes the butt of the joke when it comes to cybersecurity issues. Or at least, we often used to be. Still, if I receive one more lecture on why Linux or Mac systems are more secure, I'll at least have this article to point to. Not always, I shall say. Not always.
-
Browsers on MacOS and Linux have failed to block malicious instructions sent to 0.0.0.0 – for 18 years
If a malicious website pings a 0.0.0.0 IP address, web browsers on Linux or MacOS won't question it – they’ll route the request to the application listening on a specified port. Security company Oligo Security has discovered that these open doors for attackers to mess with systems haven’t been closed for 18 years.