Developers have plugged a critical hole in a PNG reference library used by
many browsers to render graphics file.
The 1.2.44 and 1.4.3 updates to the libpng open source reference library
address a bug that, left unfixed, created a mechanism for hackers to inject code
onto vulnerable systems.
Older versions of the Portable Network Graphics (PNG) format library
contained a buffer overflow-style flaw.
The bug was discovered by developers at Mozilla. It’s unclear which browsers
supported the vulnerable library files.