Google plugs Chrome hole
Critical vulnerability
Wednesday, 24 June 2009, 11:53
GOOGLE has plugged a "critical" security vulnerability in its nice shiny Chrome browser.
The latest Chrome release, which has the catchy title of version 2.0.172.33, fixes a hole which opened the browser to a buffer overflow attack.
Writing in its bog, Google said that if a pesky hacker got ahold of it, they could crash the browser or run code with the privileges of the logged-on user.
Exploiting the security flaw would require luring the user to a poisoned web site, but Google did not provided any other details.
Apparently it will tell us more once most people have updated their browsers.
The flaw was found by Chrome's internal security team and not by an outsider. So far there have been no exploits of the bug. µ
Share this:
Share
Advertisement
Subscribe to the INQ Newsletter
Sign-up for the INQBot weekly newsletter
INQ Whitepapers
Business Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
Jobs
Advertisement
INQ Poll
Sounds to me like Google is doing a good job. I use Chrome on my XP rig.
Chrome is actually a surprisingly decent browser. Visually it leads the pack (Firefox is pretty ugly), though it's missing some basic features (like the ability to disable your web history and extension support). With StrokeIt (for mouse gesture) and AdSweep (for adblocking) it actually stands up to Firefox and is dramatically faster at loading.
It's a while before it will be suitable for the mainstream but once they get privacy sorted (more than just the Incognito mode, which is brilliant but not suitable for regular browsing) and add extension support it should take off. It's about time, as Firefox is everything that they criticised IE for - slow at adding new features, insecure, poor at standards support (Acid3 being one indicator), etc.
"but Google did not provided any other details."
Aaah... The grammatical errors :D