Skip to main content

Microsoft patches zero-day flaws in Teams, Edge and Skype

posted onOctober 4, 2023
by l33tdawg
Wikipedia
Credit: Wikipedia

Two zero-day flaws in popular Microsoft products including Edge, Teams, and Skype have been discovered and patched, the company has confirmed.

Microsoft addressed CVE-2023-4863, and CVE-2023-5217, which affect the programs’ code libraries used to encode and decode images in the WebP format, and videos with VP8 encoding. The two libraries in question are used, the publication further adds, by a large number of popular software and services, including Safari, Firefox, Opera, various Android web browsers, 1Password, and Signal, but also Netflix, YouTube, and Amazon Prime Video.

Should a threat actor abuse these flaws, they’d be able to run arbitrary code execution on vulnerable endpoints. "Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217," a company advisory stated.

Source

Tags

Microsoft Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th