#AVD #Classic #Retired #libwebp #Vulnerability #Update #Google #Discontinues #Product
On this week’s episode I cover details shared by Satya Nadella during his testimony in Google’s antitrust case, I dive into the Google Chromebook Plus announcement and the AVD Classic retirement date plus much more!
This episode is brought to you in large part thanks to my sponsors:
Episode 302 is available on Soundcloud:
And on YouTube:
If you’d like to play the Podcast on a different podcast service such as Apple Podcasts, Google Podcasts or Spotify. You can find this episode at 5BytesPodcast.com
Here are this episode’s links as shown in the YouTube video:
Scripts, Tricks and Tips:
Testing Applications in System Context: A Step-by-Step Guide Using PsExec:
https://scloud.work/testing-applications-system-context-psexec/
Blue Sky:
https://bsky.app/profile/rorymon.com
Microsoft and Google’s Tug of War for Apple:
https://mspoweruser.com/microsoft-lose-billions-apple-default-search/
Apple May Be Working on Search Engine:
https://mspoweruser.com/apple-search-engine-to-replace-google/
Libwebp Vulnerability Update:
https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
On last week’s episode of the podcast I covered the fact that Google revised one of their previous vulnerability disclosures from 3 weeks ago about a Heap Buffer overflow vulnerability and published a new CVE – CVE-2023-5217 which listed a library used for media compression called libwebp as a vulnerable component without much explanation for the progression that lead to them disclosing 2 separate CVEs.
When I scripted last week’s episode a handful of other applications were identified as vulnerable due to also using this library. I also stated this one has the potential to become like the Log4Shell vulnerability last year that resulted in many vendors issuing patches due to relying on a popular library and wouldn’t ya know it, that is exactly what has happened.
Curated List of Vulnerable Apps:
https://docs.google.com/spreadsheets/d/1QLLFYCO0FMAu1ob6mnYCapW8dnx-HXunbf_zc9QLXlM/edit#gid=1774064991
Microsoft’s libwebp Advisory:
https://msrc.microsoft.com/blog/2023/10/microsofts-response-to-open-source-vulnerabilities-cve-2023-4863-and-cve-2023-5217/
Arm Vulnerabilities Being Exploited in the Wild:
https://arstechnica.com/security/2023/10/vulnerable-arm-gpu-drivers-under-active-exploitation-patches-may-not-be-available/
AVD Classic EoL:
https://www.theregister.com/2023/10/03/azure_virtual_desktop_classic_eol/
Apple Agrees to China’s Regulations of App Store:
https://bgr.com/tech/apple-agrees-to-tighten-rules-for-chinese-app-store-no-foreign-apps-allowed/
Chromebook Plus Announcement:
https://www.neowin.net/news/google-officially-confirms-chromebook-plus-laptops-preorders-begin-oct-8-starting-at-399/
Cloudflare Could be Leveraged in DDoS Attacks:
https://www.bleepingcomputer.com/news/security/cloudflare-ddos-protections-ironically-bypassed-using-cloudflare/
Copilot Bugs Identified:
https://betanews.com/2023/10/03/microsoft-admits-what-many-windows-11-users-already-knew-copilot-is-buggy/
Outlook Issues Resolved:
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-outlook-prompts-to-reopen-closed-windows/
Tor No Longer Identified as Trojan by Defender:
https://www.bleepingcomputer.com/news/security/microsoft-defender-no-longer-flags-tor-browser-as-malware/
Google Discontinues Another Product:
https://mspoweruser.com/google-discontinue-jamboard-2024/
300th Episode Giveaway:
https://sweepwidget.com/c/73417-0dcho8t4
Full Podcast Episode Guide:
5bytespodcast.com
Check out my site:
Rorymon.com
Twitter:
@Rorymon
![Best Agile Tools 2023 [Free & Paid Project Management Software]](https://i2.wp.com/www.cloudwards.net/wp-content/uploads/2023/11/Best-Agile-Tools.png?resize=200,200)
![Best Agile Tools 2023 [Free & Paid Project Management Software]](https://i2.wp.com/www.cloudwards.net/wp-content/uploads/2023/11/Best-Agile-Tools.png?resize=520,293)
