Microsoft's Teams, Edge, and Skype have been given emergency updates to address zero-day vulnerabilities impacting the WebP code library or lilwebp, tracked as CVE-2023-4863, and the libvpx video codec library, tracked as CVE-2023-5217, both of which could be exploited to achieve arbitrary code execution, reports BleepingComputer.
Article Link: Open-source library zero-days addressed by Microsoft | SC Media