US



US
BigGo MagAbout UsJoin usContact UsUser TermsSupport Center
© 2024 BigGo
Install
BigGo Shopping Assistant
News
Tech
Security
Computer Components
Desktops
Laptops

Critical "0.0.0.0-Day" Vulnerability Affects Major Browsers on macOS and Linux

BigGo Editorial Team
Critical "0.0.0.0-Day" Vulnerability Affects Major Browsers on macOS and Linux

Critical 0.0.0.0-Day Vulnerability Affects Major Browsers on macOS and Linux

A recently discovered security vulnerability dubbed the 0.0.0.0-day exploit has been found to affect Google Chrome, Mozilla Firefox, and Apple Safari browsers on macOS and Linux systems. The flaw, which has potentially existed for 18 years, could allow malicious websites to access internal networks and devices.

The Vulnerability Explained

Cybersecurity firm Oligo uncovered the exploit, which takes advantage of how browsers handle requests to the IP address 0.0.0.0. This address is not included in the list of protected private or local addresses, allowing attackers to bypass security measures like Google's Private Network Access (PNA) specification.

Key points about the vulnerability:

  • Affects Chrome, Firefox, and Safari on macOS and Linux
  • Windows systems are not vulnerable due to system-level blocking of 0.0.0.0
  • Potentially exploitable since 2006
  • Allows public websites to communicate with services on local networks

Impact and Scope

While the percentage of websites potentially exploiting this vulnerability is relatively small (0.015% according to Chromium counters), the sheer number of active websites means up to 100,000 could be affected. The true number of malicious actors leveraging this exploit remains unknown.

Browser Vendors Respond

Major browser developers are taking steps to address the vulnerability:

  • Google Chrome: Gradually blocking access to 0.0.0.0 from Chrome 128 to 133
  • Apple Safari: Blocked in WebKit, with fixes coming in Safari 18 (currently in beta)
  • Mozilla Firefox: Plans to block 0.0.0.0 in the future, but no immediate fix due to potential server issues

What Users Should Do

  1. Keep browsers updated to ensure you have the latest security patches
  2. Be cautious when clicking links or downloading attachments from unknown sources
  3. macOS and Linux users should be especially vigilant until all browser patches are fully implemented

This incident serves as a reminder that even long-standing and widely used software can harbor significant security flaws. It also highlights the importance of ongoing security research and prompt action by software developers to address vulnerabilities.

Related News
Samsung Galaxy S25 Ultra Leak: Thinner Bezels and Improved Specs on the Horizon
9 hours ago
Apple Watch Gets Major Upgrades: Enhanced Remote Control and Safety Check-In Features
17 hours ago
Google Chrome Update Brings Seamless Tab Syncing and Calendar Integration for Workspace Users
Yesterday
Steam Deck Gets Major Update: UI Bug Fixed and Free Games for Prime Members
Yesterday
Google's Wear OS Gets Major Boost with Masimo and Qualcomm Partnership
2 days ago