techymenia
techymenia
techymenia
techymenia
Facebook X-twitter Instagram Youtube
techymenia
TRENDING

An 18-Year-Old Browser Bug is Finally Getting Fixed by Chrome, Firefox, and Safari

NEWS
By
Ryker Westin
9 August 2024
this security issue allows remote code execution via a local network through public websites
An 18-Year-Old Browser Bug is Finally Getting Fixed by Chrome, Firefox, and Safari
( Image credits: TechyMenia )

It’s not uncommon for significant companies to take several months to address bugs or vulnerabilities in operating systems or browsers. However, a security flaw highlighted by Oligo Security has remained unresolved for an astonishing 18 years.

This vulnerability, dubbed the “0.0.0.0 Day” by Oligo, permits remote code execution via a local network through public websites. Alarmingly, it impacts Chromium, Firefox, and Safari on macOS and Linux systems. Malicious websites can exploit weak browser security due to inconsistent security mechanisms across different browsers and a lack of industry standardization.

Oligo uncovered this issue, initially reported to Mozilla in 2006, which has lingered without a resolution. Despite several significant updates and prioritizations over the years, the bug remains open. Oligo notes, “The bug report was closed, reopened, then prioritized—and will now remain open until Firefox implements [Private Network Access].”

Google has announced plans to mitigate this issue in Chrome, the world’s most popular browser. They intend to block access to the 0.0.0.0 IP address before the full rollout of Private Network Access. This update began with Chromium 128, released in beta on July 24, and is expected to be fully deployed by Chrome 133.

Apple has already made “breaking changes to WebKit that block access to 0.0.0.0,” as documented on GitHub.

Mozilla’s approach remains uncertain. Although they have updated the Fetch specification to block the IP address and prioritized the implementation of Private Network Access, it has not yet been fully implemented. A Mozilla spokesperson explained to PCMag, “Imposing tighter restrictions comes with a significant risk of introducing compatibility problems.” They added, “As the standards discussion and work to understand those compatibility risks is ongoing, Firefox has not implemented any of the proposed restrictions.”

Meanwhile, Microsoft updated its Edge Security Updates page, stating, “Microsoft is aware of the recent Chromium security fixes. We are actively working on releasing a security fix.”

There is optimism that this critical vulnerability, affecting all major browsers, will be resolved in the coming months, if not weeks. The collaborative efforts of these tech giants are essential in ensuring the safety and security of users worldwide.

Receive daily updates, inspiration, and exclusive deals delivered to your inbox.

Sign up to receive breaking news, reviews, opinions, top tech deals, and more.

By submitting your information, you agree to the Terms & Conditions and Privacy Policy and confirm you are 16 or older.

Share this page:

Copyright ©2024 TechyMenia. All Rights Reserved.

This article may include affiliate links. Please refer to our privacy policy for further details.

Related Articles

Today's NYT Strands Hints, Answers and Tips for Sept. 15, #196

Today’s NYT Strands Hints, Answers and Tips for Nov. 18 #260

Published 18 November 2024 –
By Landon Cole
Today's NYT Connections Hints, Answers and Tips for Sept. 15, #462

Today’s NYT Connections Hints, Answers and Tips for Nov. 18 #526

Published 18 November 2024 –
By Hina Takahashi
Today's Wordle Hints, Answer and Tips for Sept. 22 #1191

Today’s Wordle Hints, Answer and Tips for Nov. 18 #1248

Published 18 November 2024 –
By Grayson Reed

About Author

Picture of Ryker Westin

Ryker Westin

Ryker Westin is a security and networking expert based in Houston, Texas, covering everything from data breaches and malware to optimizing Wi-Fi coverage for homes and businesses. With years of experience in cybersecurity and B2B tech, he’s always on the lookout for the next major cyberattack or data breach. Having worked remotely since 2018, Ryker has reviewed numerous standing desks and essential remote working accessories. He’s a strong advocate for cable management and staying organized. When he's not writing, you’ll find him tinkering with PCs and game consoles, managing cables, and upgrading his smart home.

More From TechyMenia

iQOO 13 is official with Snapdragon 8 Elite chip & ultra-bright 2K display

iQOO 13 is official with Snapdragon 8 Elite chip & ultra-bright 2K display

Published 30 October 2024 –
By Jason Pierce
Google Prepares Gemini 2.0 Launch to Compete with OpenAI’s Orion Model

Google Prepares Gemini 2.0 Launch to Compete with OpenAI’s Orion Model

Published 28 October 2024 –
By Ryker Westin
Huawei Phones

Huawei Phones Dominate China’s 2024 Smartphone Market

Published 26 October 2024 –
By Derek Louie
Xiaomi 15 & 15 Pro: Official design, display, and performance details released

Xiaomi 15 & 15 Pro: Official design, display, and performance details released

Published 25 October 2024 –
By Derek Louie
Samsung Galaxy Tab S10+ review – a solid upgrade for an Android favorite

Samsung Galaxy Tab S10+ review – a solid upgrade for an Android favorite

Published 25 October 2024 –
By Jason Pierce
Samsung Galaxy S25 Series Rumored to Use Snapdragon 8 Elite Globally

Samsung Galaxy S25 Series Rumored to Use Snapdragon 8 Elite Globally

Published 23 October 2024 –
By Jason Pierce
techymenia
techymenia
About Us
Contact Us
Privacy Policy
Terms and Consitions
Affiliate Disclosure
Disclaimer
Tech News
AI News
Gaming Devices
Best Deals
Cybersecurity

 © 2024 TechyMenia |  All rights reserved

Subscribe
Subscribe