The ‘0.0.0.0-log’ vulnerability, which has existed in major browsers for the last 18 years, posed a significant risk in cybersecurity. Apple, Google and Mozilla are finally trying to fix the vulnerability.
For the last 18 years, major browsers such as Safari, Google Chrome and Mozilla Firefox have hackers infiltrating private networksIt was revealed that it contained a critical security vulnerability that allowed . This vulnerability is caused by a vulnerability called “0.0.0.0-log” and the browsers are reportedly taking steps to finally resolve this issue.
Cyber security initiative OligoAccording to research by , queries made to the 0.0.0.0 IP address are processed by browsers by mistakenly redirecting them to other IP addresses. This vulnerability allows hackers to infiltrate home and business networks and gain access to confidential data. Apple, Google ve Mozillais developing various fix plans for this vulnerability, but Mozilla’s solution is not yet complete.
Oligo Cyber Security Company: New Way to Infiltrate the Internal Network via Browsers Revealed
Gal Elbaz, co-founder at Oligo Security, and AI security researcher Avi Lumelsky stated the following about using localhost APIs from the browser: “Browser-based attacksis nothing new in the malicious landscape of attack patterns. Browsers continue to be a popular penetration method for attackers. Although ostensibly local, services running on localhost become accessible to the browser using a flaw we found, exposing ports on the localhost network interface and leaving the door open to remote network attacks.
In this live demo and attack simulation, a zero-day attack is performed on Chrome and other browsers. vulnerabilityWe will explain (disclosing responsibly) and how we used the 0-day vulnerability to attack developers behind firewalls. An extremely popular platform that serves millions of people in the data engineering ecosystem and runs on localhost. open source platformWe will also demonstrate remote code execution.
In our talk, we will present new attack techniques that target developers and employees in an organization behind firewalls. “This is the first time we will examine this newly discovered zero-day vulnerability in detail.”
Are Users Vulnerable to Danger?
Fixing this critical vulnerability is considered an important step in browser security. While Apple offers an update to close this vulnerability in the beta version of macOS 15 Sequoia, Google is expected to make a similar update. However, the fact that Mozilla has not yet developed a solution for Firefox leaves users vulnerable to this danger. Researchers emphasize that the 0.0.0.0-log vulnerability is a problem that has been ignored for many years and that the solution process should be completed quickly.
These important developments in browser security are of great importance in terms of protecting user data and increasing security on the internet. We can say that by eliminating these weaknesses, the aim is to provide a safer internet environment against cyber threats.
Source :
https://www.forbes.com/sites/thomasbrewster/2024/08/07/hackers-exploit-18-year-old-vulnerability-in-apple-google-and-mozilla-browsers/
Source link: https://www.webtekno.com/safari-chrome-ve-firefox-ta-18-yildir-olan-bir-acik-hackerlarin-elinde-h147578.html