Hackers are already flooding browsers with malware and phishing links, but researchers have now discovered a vulnerability that could allow hackers to access services directly on your laptop.
The vulnerability, known as 0.0.0.0 Day, affects all Chromium-based browsers, including Google Chrome, Firefox, Safari and Edge.
What’s concerning is that this vulnerability has existed in these browsers for the past 18 years and has only been discovered now.
Sign up for KURT’s free newsletter and get instant access to the Cyber Guy Report
A person using a laptop with the Google Chrome browser (Kurt “Cyberguy” Knutson)
What you need to know
The 0.0.0.0 Day vulnerability was discovered by an Israeli app security firm Oligo And then, Hacker NewsIt involves the use of the normally harmless IP address 0.0.0.0, but this vulnerability could allow an attacker to exploit it to gain access to and control local services on the computer.
The critical vulnerability “exposes a fundamental flaw in the way browsers handle network requests, potentially allowing malicious actors to access sensitive services running on the local device,” said Avi Rumelsky, a researcher at Origo Security.
Security researchers have discovered that websites in “.com” domains can communicate with services on the local network and execute malicious code using the address 0.0.0.0. The vulnerability also makes it possible to bypass Private Network Access (PNA), which is supposed to stop public websites from directly accessing endpoints on private networks.
Simply put, this vulnerability could allow a malicious actor to compromise local services and perform unauthorized actions on the device.
The vulnerability affects browsers like Google Chrome, Edge, Safari, and Firefox on devices running macOS and Linux. Windows users don’t need to worry, as Microsoft has blocked this IP address at the operating system level.
Browser displayed on a laptop (Kurt “Cyberguy” Knutson)
What ruthless hackers stole from 110 million AT&T customers
Is a fix coming?
Chrome began blocking access to the 0.0.0.0 IP address in July, starting with Chromium 128. Google is gradually rolling out the change, and will complete it by Chrome 133, when the IP address will be completely blocked for all Chrome and Chromium users.
Meanwhile, Apple has already updated WebKit, the browser engine used by Safari, to block access to 0.0.0.0, and Mozilla has also blocked this IP address in Firefox. To avoid being affected, keep your browsers up to date.
How to remove your personal information from the internet
Steps to update your browser
The best way to protect yourself from security flaws is to keep your browser up to date. Here are some steps to keep your browser up to date:
How to update Chrome
- open Google Chrome On your computer
- Click Three points Top right corner
- choice help
- click About Chrome
- Chrome Automatically checks for updates. If an update is available, download and install it.
- click Re-release Complete the update process.
On a mobile device, you can update Chrome by searching for and tapping on Chrome in the Google Play Store (Android) or App Store (iOS). update If available
Google Chrome browser (Kurt “Cyberguy” Knutson)
World’s largest database of stolen passwords uploaded to crime forum
How to update Microsoft Edge
- open Microsoft Edge
- Click Three points Top right corner
- choice Help and feedback
- click About Microsoft Edge
- Edge will automatically Check for updates Install if available
- click Restart Update Microsoft Edge and apply the updates
On a mobile device, search for Edge and, if available,[更新]You can update it from your respective app store (Google Play Store for Android, App Store for iOS) by tapping .
Microsoft Edge browser (Kurt “Cyberguy” Knutson)
How to update Safari
- For Mac, Apple Menu
- choice System Settings
- Tap General
- click Software Updates
- If a Safari update is available, Update now.
- Follow the instructions Complete the installation.
On iOS devices, updates can be done via the Settings app under General > Software Update.
Safari Browser (Kurt “Cyberguy” Knutson)
How to update Mozilla Firefox
- open Firefox
- Click Three horizontal lines (☰) Top right corner
- Select Hhelp me
- click About Firefox
- Firefox Check for updates It will be downloaded automatically
- click Please restart Firefox to updateIf the update is installed
On a mobile device, search for Firefox and, if available,[更新]You can update Firefox from the Google Play Store (Android) or App Store (iOS) by tapping
Click here to read more US news
Mozilla Firebox Browser (Kurt “Cyberguy” Knutson)
Click here to get FOX Business on the go
Extra steps to keep your data and devices safe
Below are some additional steps you can take to help protect yourself from hackers exploiting security vulnerabilities:
1. Deploy powerful antivirus software: Hackers often gain access to your device by sending infected emails or documents, or by tricking you into clicking links that download malware. You can avoid all of this by installing a strong antivirus software that will detect potential threats before they take over your devices and router.
The best way to protect yourself from malicious links that could install malware and access your personal information is to have a strong antivirus software installed on all your devices. This protection will also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. We’ve handpicked the winners of the best antivirus protection of 2024 for Windows, Mac, Android and iOS devices.
2. Be aware that urgent requests may be scams. Always be cautious if someone urgently asks you to send money, provide personal information, click on LINE, etc. It could be a scam.
3. Use strong, unique passwords: Create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Password Manager Securely store and generate complex passwords. It helps you create unique, hard-to-crack passwords that hackers can’t guess. It also tracks all your passwords in one place and enters them when you log into your accounts so you don’t have to remember them yourself. The fewer passwords you have to remember, the less likely you are to reuse them on your accounts. Learn more about me Check out the best password managers of 2024, reviewed by experts.
4. Enable two-factor authentication. Enable Two-factor authentication Whenever possible, they will require a second form of verification, such as a code sent to your mobile phone, in addition to your password, providing an extra layer of security.
Banking Trojan targets more apps, putting Android users at risk
Important points about the cart
Given the newly discovered 0.0.0.0 Day vulnerability, it’s more important than ever to keep your browser up to date. While major browser companies are actively working on fixes, staying up to date with software updates is key to protecting your devices. To further protect your online experience, be wary of suspicious links, practice safe browsing habits, and regularly check for updates.
Click here to get the FOX News app
A 0.0.0.0 Day vulnerability affecting major browsers including Google Chrome, Firefox, Safari, and Edge was recently discovered, but the vulnerability has existed for 18 years. Do you think technology companies are doing enough to secure their products and protect users from long-standing vulnerabilities like this one? Let us know what you think here. Cyberguy.com/Contact Us
If you want to receive more of my tech tips and security alerts, subscribe to the free CyberGuy Report newsletter at the link below. Cyberguy.com/Newsletter
Have a question for Kurt or tell us the story you’d like to see featured?
Follow Kurt on his social channels
Answers to the CyberGuy’s most frequently asked questions:
Copyright 2024 CyberGuy.com. All Rights Reserved.
