main
Report a problem

Google Chrome Browser Vulnerable to Security Flaw

Daniel Fleshbourne   on 03 September 2008 - 15:17 · 9 comments & 6353 views

Advertisement (Why?)
A security researcher has published proof-of-concept code showing Google Chrome is vulnerable to an attack targeting an old version of WebKit and a Java bug. News of the flaw came Sept. 2, not long after Google officials announced the launch of the Chrome browser's beta program. A security researcher has discovered a flaw in the beta version of Google’s Chrome browser that can lead to Windows users downloading malicious Java files.

According to the ZDNET security blog, Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.

View: The full story @ eWeek

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Daniel Fleshbourne
User name: Daniel
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 9 additional comments
(3 replies) #1 Lasker on 03 Sep 2008 - 15:21
Is an early beta release, what do they expect to be? of course is going to have all kind of vulnerabilities.
#1.1 RichardK on 03 Sep 2008 - 15:56
(Lasker said @ #1)
Is an early beta release, what do they expect to be? of course is going to have all kind of vulnerabilities.


Wow, already with the Google Blinders I see. Google fan boys seem to be even more naive than Apple's.
#1.2 +M2Ys4U on 03 Sep 2008 - 16:25
Well they should have kept up to date with security patches in WebKit. It's probably non-trivial to port the Chrome changes upstream to WebKit but probably trivial to port the security patches downstream.
#1.3 The Intruder on 04 Sep 2008 - 05:43
(RichardK said @ #1.1)
(Lasker said @ #1)
Is an early beta release, what do they expect to be? of course is going to have all kind of vulnerabilities.


Wow, already with the Google Blinders I see. Google fan boys seem to be even more naive than Apple's.


That really doesn't classify him as a fanboy at all, this browser is in beta and they can't stick with that tag in the "final version"
#2 IntelliMoo on 03 Sep 2008 - 15:52
Chrome absolutely stinks anyway with no extension support.
#3 vetmarkjensen on 03 Sep 2008 - 19:48
#4 bob_c_b on 03 Sep 2008 - 22:22


But... but... it's Google, lolz.
#5 thenonhacker on 04 Sep 2008 - 02:09
Sooner or later, we don't have to make a full switch to Google Chrome Browser.

All it takes is for Firefox and Internet Explorer to take
the nice threading and sandboxing principles of Google Chrome
into the next versions.

(With the exception of IE8, where each Tab belongs to a separate process already)
#6 cork1958 on 04 Sep 2008 - 10:07
You knew it was a security flaw just because it has Googles name on it. You knew they would use every single bit of personal info acquired just from browsing the web because it's Google.

Browser stinks!!

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1387) © 2000 - 2008 Neowin.net