0.0.0.0 Day vulnerability in Chrome, Safari, and other browsers - what you need to know

It's not every day you come across a vulnerability that is nearly 20 years old, but cybersecurity researchers have discovered a new zero-day flaw that affects all major browsers.

As reported by The Hacker News, Israeli app security firm Oligo has discovered what it calls a "0.0.0.0 day" that hackers can exploit to access sensitive services running on local devices. The most surprising thing about this critical vulnerability is that it has lain dormant in common browsers for 18 years.

"0.0.0.0 Day" affects all top browsers, including Google Chrome and other Chromium-based browsers such as Edge, as well as Safari and Firefox. It is worth noting, however, that it only affects devices running macOS and Linux. The best Windows laptops are not affected because Microsoft blocks this IP address at the OS level.

This critical vulnerability allows hackers who are not on the same local network to gain unauthorized access and execute code remotely, weaponizing seemingly harmless IP addresses such as 0.0.0.0 to exploit local services.

In a report on this subject, Oligo security researchers explained that public websites with domains ending in ".com" can communicate with services running on the local network and execute arbitrary code by using the address 0.0.0.0. This vulnerability also allows the website to bypass Private Network Access (PNA), which prevents public websites from directly accessing endpoints on private networks.

After discovering the vulnerability in April, Oligo immediately contacted the companies behind all major browsers so they could implement a fix.

Instead of releasing a security update, Google, Apple, Mozilla, and others plan to block 0.0.0.0 IP addresses in the future. With the release of Chromium 128 last month, Chrome already blocks access to 0.0.0.0, but a full fix for this issue by Google will not be completed for all users until Chrome 133 is released. Meanwhile, Apple has already made changes to WebKit, the browser engine used by Safari, to block access to 0.0.0.0, and Mozilla also blocks this IP address in Firefox.

The first and most important thing you can do to protect yourself from other browser-based attacks is to keep your browser up-to-date. This can be annoying, given Google's frequent releases of new updates to Chrome, but installing takes about a minute, and once the update is complete, all current tabs will be reopened.

Browsers can be attacked by hackers who can infect your computer with malware, so you should also consider using the best anti-virus software on Windows PCs and the best Mac anti-virus software on Apple computers. Both Windows and macOS have built-in antivirus software, but paid options offer even stronger protection, along with useful additional features such as VPNs and password managers.
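
To see which local services fall within reach of the 0.0.0.0 address described above, a Linux machine's listening sockets can be inventoried. The script below is an added example, not code from Oligo or from this article. It assumes that on Linux a connection to 0.0.0.0 is delivered to the local host, so IPv4 listeners bound to loopback or to the wildcard address are in scope, and it falls back to a constructed sample table when /proc/net/tcp is unavailable.

```python
import ipaddress

LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 0A01A8C0:01BB 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 0100007F:9C40 0100007F:1F90 01 00000000:00000000 00:00000000 00000000  1000        0 20004
"""


def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (IPv4Address, port)."""
    hex_addr, hex_port = field.split(":")
    # The kernel prints the address as a native 32-bit integer, so on
    # little-endian hosts (x86, most ARM) the bytes appear reversed.
    addr = ipaddress.IPv4Address(bytes.fromhex(hex_addr)[::-1])
    return addr, int(hex_port, 16)


def listeners_in_scope(proc_net_tcp_text):
    """Return (address, port) pairs for listeners on loopback or wildcard."""
    found = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != LISTEN:
            continue  # not a listening socket
        addr, port = decode_endpoint(cols[1])
        # A listener bound only to a LAN address is left out of the report.
        if addr.is_loopback or addr.is_unspecified:
            found.append((str(addr), port))
    return sorted(found, key=lambda entry: entry[1])


def main():
    try:
        with open("/proc/net/tcp") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_PROC_NET_TCP  # offline fallback
    for addr, port in listeners_in_scope(text):
        print(f"{addr}:{port}")


if __name__ == "__main__":
    main()
```

Each reported port is a service worth reviewing for authentication; IPv6 listeners in /proc/net/tcp6 are not covered by this script.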

New vulnerabilities such as those mentioned above are discovered and patched on a daily basis.
