A severe vulnerability has been found in libwebp, a code library used to render webp images, reports Stack Diary. Webp is a popular image format used by many sites on the Internet – but also by apps and some other software that use web views – and the vulnerability can be used, among other things, to run malicious code on affected devices. Worse yet, it is reportedly being actively exploited by malicious attackers.
The vulnerability has been labelled CVE-2023-4863 and is considered extremely serious. Major browsers such as Chrome, Edge, Firefox, Opera, Vivaldi, and Brave have already released security fixes. To make sure you have the latest version of a browser, go to Help > About (browser name) in its options menu. If a new update is available, it should then download automatically.
The webp image format was developed by Google and has quickly grown in popularity due to the high and lossless compression of images compared to other formats.