Windows Is The Only One Safe From An 18 Year Old Browser Vulnerability

Source: Bleeping Computer Windows Is The Only One Safe From An 18 Year Old Browser Vulnerability

The 0.0.0.0 Day Vulnerability Is Almost Old Enough To Drink, And Remains A Threat

The news from Bleeping Computer about the fact that there is a 18 year old browser vulnerability is rather depressing, though there is a tiny bit of amusement to be gleaned.  It seems the 0.0.0.0 Day Vulnerability only applies to Apple and PCs running Linux, both of which are often lauded as being much more secure than Windows boxes.  In this specific case the tables are turned and Microsoft’s OS is the only safe one.  We can thank the lack of consistent security mechanisms across browsers as well as the lack of a standard way of handling the IP address 0.0.0.0.

Malicious websites gain access to services running on a local computer by sending an HTTP request to 0.0.0.0  and referencing that service.  As most of us aren’t running such services on our machines, the browser vulnerability isn’t something to be overly worried about.  However this vulnerability is perfect for targeting AI workloads on development machines and this is likely why we’ve seen a huge uptick in 0.0.0.0 attacks over the past couple of months. 

Chrome, Firefox and Safari will all finally receive patches to resolve the issue, but if you happen to be running something which could be vulnerable to the attack you should check out the mitigations mentioned in the news post and secure yourself as best as possible.  If a website does take advantage of this browser vulnerability, it can leverage it in a variety of ways, from arbitrary code execution, reverse shells, to configuration alterations.

A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

2 Comments

  1. collie man

    Haven’t thought about 0.0.0.0 in a LONG while, but the question arises, the article doesn’t mention chrome OS. This can’t be a Chromebook vulnerability can it? I mean it IS Linux after all. One wonders

    ALSO she can drink in Quebec

    MONTREAL FO DA WIN!!!!!!!!!!!

    Reply
    • Jeremy Hellstrom

      Lol, I was going to point out she could drink in Hull/Gatineau. May the son of Saku bring us joy!

      Reply

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!