Google Chrome Browser Vulnerable to Security Flaw

A security researcher has published proof-of-concept code showing Google Chrome is vulnerable to an attack targeting an old version of WebKit and a Java bug. News of the flaw came Sept. 2, not long after Google officials announced the launch of the Chrome browser's beta program. A security researcher has discovered a flaw in the beta version of Google's Chrome browser that can lead to Windows users downloading malicious Java files.

According to the ZDNET security blog, Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.

View: The full story @ eWeek

Report a problem with article
Previous Story

Microsoft eases hard drive capacity restriction for netbooks

Next Story

Mobile users offered first external SSD

8 Comments

(Lasker said @ #1)
Is an early beta release, what do they expect to be? of course is going to have all kind of vulnerabilities.

Wow, already with the Google Blinders I see. Google fan boys seem to be even more naive than Apple's.

Well they should have kept up to date with security patches in WebKit. It's probably non-trivial to port the Chrome changes upstream to WebKit but probably trivial to port the security patches downstream.

(RichardK said @ #1.1)

Wow, already with the Google Blinders I see. Google fan boys seem to be even more naive than Apple's.

That really doesn't classify him as a fanboy at all, this browser is in beta and they can't stick with that tag in the "final version"

Sooner or later, we don't have to make a full switch to Google Chrome Browser.

All it takes is for Firefox and Internet Explorer to take
the nice threading and sandboxing principles of Google Chrome
into the next versions.

(With the exception of IE8, where each Tab belongs to a separate process already)

You knew it was a security flaw just because it has Googles name on it. You knew they would use every single bit of personal info acquired just from browsing the web because it's Google.

Browser stinks!!

Commenting is disabled on this article.