4 Sources
[1]
0.0.0.0 bug: How Google and Apple plan to save your devices from this 'spy attack' - Times of India
Apple and Google are taking steps to address a critical security vulnerability that has affected some of the world's most popular web browsers, including Safari and Chrome, for nearly two decades. A recently discovered loophole in IP address 0.0.0.0 handling reportedly allowed hackers to bypass network security measures and gain unauthorised access to private networks. According to Forbes, the flaw that has affected browsers has been exploited to breach both home and business networks. In response to the urgent threat, both tech giants have announced plans to block access to the vulnerable IP address, 0.0.0.0, with an aim to prevent malicious actors from exploiting the security gap that has been open for the last 18 years.
What is '0.0.0.0' security flaw and how hackers attacked Chrome, Safari users
The 0.0.0.0 is a special IP address that signifies an invalid, unknown or unspecified address. It is essentially a placeholder and has specific uses in networking. For example, think of an IP address as a home address for your computer on the internet. Just like your physical house has an address used by people to reach you, every computer has an address which is needed by other computers to find it. Now, 0.0.0.0 is like saying "no address", which means it is a dummy address that doesn't really point to anything specific. Hence, any internet traffic that doesn't have a specific destination is sent through this gateway. In this case, hackers found a way to trick computers into thinking they were talking to themselves (using this "no address") instead of going through the proper security checks. Consider it as finding a secret backdoor into a system that allowed hackers to sneak past security and get into private networks.
"Exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors," the report quoted Avi Lumelsky, AI security researcher at Israeli cybersecurity startup Oligo. Hackers can get access to files, messages and credentials on the machine.
Which devices are under threat
The researchers say that hackers are likely to only affect individuals and businesses hosting web servers, though there may be a very high number of vulnerable systems. The researchers found hackers may also run malicious code on servers hosting the Ray AI framework - used to train AI models by some of the world's biggest tech companies, including Amazon and Intel.
Google and Apple to block access to IP address
Apple has said it will block all attempts from websites to hit 0.0.0.0 in the beta of macOS 15 Sequoia. Meanwhile, Google has plans to do the same. "We propose to block access to IP address 0.0.0.0 in advance of PNA completely rolling out," Google said in a post. "Chrome is deprecating direct access to private network endpoints from public websites as part of the Private Network Access (PNA) specification," it added.
[2]
Zero-Day IP Address Exploit Lets Hackers Attack Mac, Linux Computers
A zero-day flaw using the 0.0.0.0 IP address has seen a spike in use and been exploited by hackers in recent months, potentially putting users of major web browsers like Safari, Chrome, and Firefox on macOS or Linux at risk, a new report reveals. Cybersecurity firm Oligo reported the threat, which could allow hackers to breach private networks by communicating with local software on Mac or Linux operating systems. Safari, Firefox, and any Chromium-based web browsers are vulnerable to this threat, meaning Microsoft Edge and Opera are technically exposed, too. Windows machines, however, are not affected by this flaw.
Public websites can interact with services on the localhost or local network and could "execute arbitrary code on the visitor's host by using the address 0.0.0.0 instead of localhost/127.0.0.1," the researchers explain in their post summarizing the exploit. "By allowing 0.0.0.0 you're allowing all of the stuff that for years you've been blocking," Gal Elbaz, cofounder and CTO of Oligo, tells Forbes. "By allowing 0.0.0.0 you're basically allowing everything." Oligo researchers note that 0.015% of all websites communicate with this IP address, meaning about 100,000 websites could facilitate this attack. So far, hackers have reportedly been using this IP address as part of attacks on AI workloads.
Apple will reportedly include its fix for this flaw in the macOS 15 Sequoia beta release by blocking the 0.0.0.0 address, and has updated its Safari WebKit to block connections to that IP. Chrome is proposing a similar fix for its browser, acknowledging that the 0.0.0.0 address allows users to get around its Private Network Access protection. Mozilla, however, has not yet decided how to address the issue with Firefox. "Imposing tighter restrictions comes with a significant risk of introducing compatibility problems," a Mozilla spokesperson tells PCMag via email. "As the standards discussion and work to understand those compatibility risks is ongoing, Firefox has not implemented any of the proposed restrictions."
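To make the Private Network Access gap described in the excerpts above concrete, here is an added example (not taken from any of the quoted sources or from any browser's code) comparing two destination checks. The naive range list, the function names and the sample targets are assumptions constructed for illustration.

```python
import ipaddress

# Hypothetical blocklist of the kind a "local target" filter often starts with:
# loopback plus the RFC 1918 private ranges. 0.0.0.0 is in none of them.
NAIVE_LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8",     # loopback
    "10.0.0.0/8",      # RFC 1918
    "172.16.0.0/12",   # RFC 1918
    "192.168.0.0/16",  # RFC 1918
)]


def naive_is_local(host: str) -> bool:
    """Treat a destination as local only if it is in the enumerated ranges."""
    addr = ipaddress.ip_address(host)
    return any(addr in net for net in NAIVE_LOCAL_NETS)


def hardened_is_local(host: str) -> bool:
    """Also treat the unspecified address (0.0.0.0 or ::) as a local target."""
    addr = ipaddress.ip_address(host)
    return (addr.is_unspecified or addr.is_loopback
            or addr.is_private or addr.is_link_local)


def find_gaps(targets):
    """Return destinations the naive filter lets through but the hardened one flags."""
    return [t for t in targets
            if hardened_is_local(t) and not naive_is_local(t)]


# Constructed sample of request destinations, e.g. taken from a proxy log.
SAMPLE_TARGETS = ["127.0.0.1", "0.0.0.0", "192.168.1.10", "8.8.8.8", "10.0.0.5"]

if __name__ == "__main__":
    for target in SAMPLE_TARGETS:
        print(f"{target:15} naive={naive_is_local(target)!s:5} "
              f"hardened={hardened_is_local(target)}")
    print("missed by naive filter:", find_gaps(SAMPLE_TARGETS))
```

On the constructed sample, the only destination the enumerated-range filter misses is 0.0.0.0, which is why blocking that address is the fix the vendors describe.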
[3]
Popular Browsers Chrome, Safari, And Firefox Fall Prey To Major 18-Year-Old Security Hole That Allows Hackers To Infiltrate Firewalls: Report - Alphabet (NASDAQ:GOOG), Apple (NASDAQ:AAPL)
A significant security loophole has been exploited in major browsers, including Apple Inc.'s (AAPL) Safari, Alphabet Inc.'s (GOOG, GOOGL) Google Chrome, and Mozilla's Firefox. This vulnerability, present for nearly two decades, has allowed hackers to infiltrate private networks, even those protected by firewalls.
What Happened: The issue stems from the way these browsers process queries to a 0.0.0.0 IP address. These queries are redirected to other IP addresses, including "localhost," a server typically used for testing code in a private setting, reported Forbes. Israeli cybersecurity startup Oligo discovered that hackers have been exploiting this vulnerability to gain access to private data. The attack, known as a "0.0.0.0-day" attack, involves luring the target into visiting a seemingly innocuous website that sends a malicious request to access files via 0.0.0.0.
"Developer code and internal messaging are good examples of some of the info that can be accessed right away," stated Avi Lumelsky, an AI security researcher at Oligo. "But more importantly, exploiting 0.0.0.0-day can let the attacker access the internal private network of the victim, opening a wide range of attack vectors," added Lumelsky.
Apple has confirmed to Forbes that it plans to block all attempts by websites to access 0.0.0.0 in the macOS 15 Sequoia beta. Google's Chromium and Chrome security teams are also considering a similar move, according to online posts, the report noted. On the other hand, Mozilla has not yet introduced a solution in Firefox, citing concerns that blocking 0.0.0.0 could disrupt servers that use the address as a substitute for localhost. Apple, Google, and Mozilla did not immediately respond to Benzinga's request for comments.
Notably, Microsoft Corp.'s (MSFT) Windows systems are immune to this attack as the tech giant has blocked 0.0.0.0 on its operating system. The researchers are scheduled to present their findings at the DEF CON conference in Las Vegas this weekend.
Why It Matters: The IP address 0.0.0.0 is a non-routable IPv4 address with several uses, primarily as a default or placeholder address. The Internet Engineering Task Force defines the IP address 0.0.0.0 as a reserved, special-purpose address for "this host, this network," according to TechTarget. Despite its valid address syntax, a client device using it as a source IP address cannot communicate on a network. This makes exploiting this address by hackers a significant concern, as it allows them to breach private networks undetected.
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
[4]
Apple, Google to fix a decade-old flaw that could compromise security on their browsers: Report
Apple will reportedly fix an 18-year-old exploit in its latest update for the Safari browser. The fix will be available for macOS Sonoma and macOS Ventura, a report from Forbes said. Known as the '0.0.0.0' security vulnerability, the exploit can be used by websites to send malicious requests to a browser. These malicious requests can be used by attackers to access internal private networks available on the victims' device, opening their organisation's network to a plethora of attack vectors. Security researchers say the exploit can also be used by attackers to run rogue code on servers which are used to run AI frameworks by companies like Amazon and Intel. However, this is possible only on macOS and Linux, as Microsoft has chosen to block 0.0.0.0 on Windows.
Hackers make use of the exploit by taking advantage of the way web browsers like Safari, Chrome, and Firefox handle queries to a 0.0.0.0 IP address by redirecting those queries to other IP addresses. In some cases, the requests are redirected to a local host which is used as a local internal server for testing pre-release code. This allows hackers to collect information and private data from company servers. It is unclear if Apple has already released a fix for the exploit in its latest beta or if it will be added later. Meanwhile, Google also said they plan to fix the vulnerability with a future update.
A critical 18-year-old security vulnerability dubbed the "0.0.0.0 bug" has been discovered affecting major web browsers including Chrome, Safari, and Firefox. Tech giants Google and Apple are working on urgent fixes to protect users from potential spy attacks.
A significant security vulnerability, known as the "0.0.0.0 bug," has been uncovered, affecting major web browsers such as Google Chrome, Apple Safari, and Mozilla Firefox. This flaw, which has existed for nearly two decades, potentially exposes millions of users to sophisticated spy attacks [1].
The vulnerability stems from how these browsers handle IP addresses, particularly the "0.0.0.0" address. This loophole could allow attackers to bypass security measures and potentially access sensitive user information. The flaw affects not only desktop browsers but also mobile versions on iOS and Android devices [2].
This security hole has been present for an astonishing 18 years, raising concerns about its potential exploitation over time. The vulnerability affects a wide range of operating systems, including Windows, macOS, Linux, iOS, and Android. This cross-platform nature of the bug amplifies its potential impact on global cybersecurity [3].
Google and Apple, two of the major players in the browser market, have acknowledged the severity of the issue and are working diligently on fixes. Google has already released a patch for Chrome, while Apple is expected to roll out updates for Safari in the coming days. Mozilla, the organization behind Firefox, is also actively addressing the vulnerability [4].
While the full extent of potential exploits remains unclear, cybersecurity experts warn that this vulnerability could be used for various malicious activities, including data theft and surveillance. Users are advised to update their browsers as soon as patches become available to mitigate the risk of potential attacks [1].
This incident highlights the ongoing challenges in maintaining cybersecurity in an ever-evolving digital landscape. It also underscores the importance of regular security audits and the need for swift responses from tech companies when vulnerabilities are discovered [2].
As the tech community grapples with this significant security flaw, it serves as a reminder of the constant vigilance required in the digital age. Users are encouraged to stay informed about security updates and to implement them promptly to protect their digital lives from potential threats [4].
Summarized by Navi