In the wake of the recent disclosure of a zero-day vulnerability in the libwebp library, IPS has been quick to act to ensure the unwavering security of our managed services. This flaw notably impacts Google Chrome and other applications that leverage the libwebp library for image processing.

Jeff Gooch, CTO of IPS, underscores the seriousness of the situation:

"The exploit, identified as CVE-2023-5129, unveils a critical flaw leading to a heap buffer overflow... enabling attackers to execute malicious code, potentially causing data breaches or unauthorized access to sensitive information."

With a dedicated team, IPS is meticulously working on applying the necessary patches and updates to mitigate the risks associated with this vulnerability. Furthermore our newest addition, Cybersecurity Consultant Josh Gelman, has been instrumental in spearheading our response to ensure the optimal security posture for our customers.

Over the past 48 hours we have manually patched hundreds of client endpoints. We are also working to provide our customers with timely updates and guidance, reinforcing our enduring commitment to safeguarding their operational integrity amidst evolving cybersecurity threats.

Additionally there is a very active list of affected platforms and applications available at GitHub.