Posted
9 hours ago, dmiranda said:

making non-savvy surfers suffer some sort of issue, masked under some other extension, blah blah blah.

But I thought we weren't talking anymore. I'm so glad you (guys) decided to break the ice.  

That's precisely what I warned about, with that "fix" non-savvy people will get the wrong feeling of safety, and then infect themselves with WebP.

So perhaps I agree with you, better to do nothing than relax yourself with such "solutions". I'm not sure about the chance/infection rate.

Who are you, I don't remember. I recently fell off the second floor of a hooch we were clearing up in a far away country, so it could reflect on my memory.

The floor simply didn't hold my weight, I'm tall.

Posted
On 12/4/2023 at 7:37 AM, Dixel said:

Many servers run on Linux, not Windows.

You completely missed the point! If MSE can scan for the exploit on Windows, then surely widely-available AV software can scan for the exploit on Linux.

On 12/5/2023 at 1:57 PM, dmiranda said:

I just get the image attached, no crash, nothing, on sp52

Serpent 52 is patched. Try a pre-September version.
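Added example, not part of any post in this thread: a file-triage sketch for the points raised above about WebP files masked under another extension and about scanning for them. It identifies WebP by its RIFF/WEBP container header instead of its file name and reports whether a lossless (VP8L) chunk, the libwebp decoder path affected by CVE-2023-4863, is present; it does not detect the exploit itself. All function names and sample files are constructed for illustration.

```python
import struct

def riff_chunks(data: bytes):
    """Return the chunk FourCCs of a WebP container, or None if not WebP."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"WEBP":
        return None
    chunks, pos = [], 12
    while pos + 8 <= len(data):
        fourcc = data[pos:pos + 4].decode("latin-1")
        (size,) = struct.unpack_from("<I", data, pos + 4)
        chunks.append(fourcc)
        # RIFF chunks are padded to an even length; a bogus size just
        # moves pos past the end of the data and stops the loop.
        pos += 8 + size + (size & 1)
    return chunks

def triage(filename: str, data: bytes) -> dict:
    """Classify a file by content, ignoring what its extension claims."""
    chunks = riff_chunks(data)
    if chunks is None:
        return {"webp": False, "disguised": False, "lossless": False}
    return {
        "webp": True,
        # WebP content behind a non-.webp name slips past extension filters.
        "disguised": not filename.lower().endswith(".webp"),
        # VP8L = lossless bitstream. Triage only: says nothing about whether
        # the file is malformed, and does not inspect ALPH chunks.
        "lossless": "VP8L" in chunks,
    }

def make_webp(fourcc: bytes, payload: bytes) -> bytes:
    """Build a minimal constructed WebP container (not a decodable image)."""
    body = fourcc + struct.pack("<I", len(payload)) + payload
    body += b"\x00" * (len(payload) & 1)
    return b"RIFF" + struct.pack("<I", 4 + len(body)) + b"WEBP" + body

# Constructed sample inputs: file name -> file content.
SAMPLES = {
    "holiday.jpg": make_webp(b"VP8L", b"\x2f" + b"\x00" * 4),  # WebP named .jpg
    "banner.webp": make_webp(b"VP8 ", b"\x00" * 10),           # lossy WebP
    "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,           # real PNG magic
}

if __name__ == "__main__":
    for name, content in SAMPLES.items():
        print(name, triage(name, content))
```
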

Posted (edited)
32 minutes ago, Mathwiz said:

Serpent 52 is patched. Try a pre-September version.

Actually, you meant the September 9 version, as the September 16 version is the version that fixes the WebP security vulnerability.

This is what it looks like:

V6-Zasabj-MQ.png

Edited by mina7601
Posted

To stop the chain of events that can lead to the success of an exploit, a few tricks may be sufficient even in unpatched browsers.
I have seen exploits rendered harmless with the renderer at IL AppContainer.
In my opinion those who have an unpatched browser, listed on the anti-exploit list, and take a number of expedients that at various points can counteract the chain of events that can lead to the success of an exploit, i.e., leverage an unpatched vulnerability in the browser and/or OS, can be reasonably safe.

Using uBlock Origin with dynamic filtering enabled is considered by all security experts to be a security surplus in the browser.

 

Posted
8 hours ago, Mathwiz said:

Serpent 52 is patched. Try a pre-September version.

Ha ha, good to know I had the fix already. I feel safer :P.  I also tried in mypal, so I guess that is also fixed. 

As per trying on a non-fixed version, I completely trust what you say: I tried even though I thought I was unprotected. Put to think about it, not the first time, really ;P

Posted
3 hours ago, dmiranda said:

Ha ha, good to know I had the fix already. I feel safer :P.  I also tried in mypal, so I guess that is also fixed. 

As per trying on a non-fixed version, I completely trust what you say: I tried even though I thought I was unprotected. Put to think about it, not the first time, really ;P

How were you able to determine that Mypal is patched? I just wanted to know this as well but am unsure how to make the determination. Thank you, man.

Posted

Where did the idea that an unpatched browser will certainly crash come from? I still have two unpatched browsers installed, Edge 94 and Firefox 110; neither of them crashes on that image.

Posted (edited)
13 hours ago, mina7601 said:

Actually, you meant the September 9 version, as the September 16 version is the version that fixes the WebP security vulnerability.

This is what it looks like:

V6-Zasabj-MQ.png

Where did you get that link, Mina? I'm trying to read it but my eyes won't let me get very far - would you be so kind as to post that link you have in your address bar, as I read the entire thread and can't find it. Either it's not there, or the green tea is not working very well this morning :P

Edited by XPerceniol
Posted
12 hours ago, Sampei.Nihira said:

Using uBlock Origin with dynamic filtering enabled is considered by all security experts to be a security surplus in the browser.

 

I'd like to read that article where "all security experts considered" this, thanks.

Posted
On 12/3/2023 at 4:23 PM, Mathwiz said:

Just to show the skeptics that the vulnerability is real and not mere fearmongering, you can download a "bad" WebP image here:

https://github.com/mistymntncop/CVE-2023-4863/raw/main/bad.webp

Important note: This WebP file does not contain any malware or exploit code! I wouldn't link to such a thing here on MSFN, even with a warning (and if it did, I don't think GitHub would allow it anyway). But it does trigger a buffer overflow in unpatched software, likely leading the software to crash. (For example, I got the "Aw, snap!" page in 360EE.) Therefore, you can use this as a "quick-and-dirty" test for vulnerable, unpatched software.

 

It has nothing to do with scepticism, it's just caution!

"mistymntncop" looks like a random account on github, nothing official.

Has no projects:

https://github.com/mistymntncop?tab=projects

Not even a description of who that man (woman?) is.

Posted
43 minutes ago, XPerceniol said:

Where did you get that link, Mina? I'm trying to read it but my eyes won't let me get very far - would you be so kind as to post that link you have in your address bar, as I read the entire thread and can't find it.

4th page, first post.

Posted (edited)
41 minutes ago, UCyborg said:

4th page, first post.

Thank you! Wow do I feel red in the face ... guess I've not been able to shake all the cobwebs from my brain this morning. :o Looks like Mypal is indeed patched then so please disregard my posting to you @dmiranda and @mina7601. I've also never felt safer. :lol:

Edited by XPerceniol
Posted
50 minutes ago, Dixel said:

I'd like to read that article where "all security experts considered" this, thanks.

Here, on the benefit of dynamic filtering, referring only to third-party frame blocking:

https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-Benefits-of-blocking-3rd-party-iframe-tags

As you can see, it is a formidable defense against exploits as well.
Those using higher dynamic filtering (Medium Mode or Hard Mode) obviously have more protection at the security/privacy level.

I use Hard Mode + TLDs.

Some other opinions, Sven Taylor:

https://restoreprivacy.com/browser/secure/

ArkenFox user.js:

https://github.com/arkenfox/user.js/wiki/4.1-Extensions#small_orange_diamond-️-anti-fingerprinting-extensions-fk-no
 
