A security researcher has published proof-of-concept code showing Google Chrome is vulnerable to an attack targeting an old version of WebKit and a Java bug. News of the flaw came Sept. 2, not long after Google officials announced the launch of the Chrome browser's beta program. A security researcher has discovered a flaw in the beta version of Google's Chrome browser that can lead to Windows users downloading malicious Java files.
According to the ZDNET security blog, Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.
View: The full story @ eWeek