Information Security News mailing list archives
Google's Chrome Browser Not Yet Secure
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 4 Sep 2008 02:18:32 -0500 (CDT)
http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=210300297 By Thomas Claburn InformationWeek September 3, 2008 Google (NSDQ: GOOG)'s Chrome browser is only a day old, but security researchers already have found vulnerabilities that can be exploited. According to a report published by ZDNet, security researcher Aviv Raff has found that he can combine a flaw in the open source WebKit engine with a Java bug to dupe Chrome users into downloading executable files. Apple, which uses WebKit in its Safari browser, fixed this flaw with its Safari 3.1.2 browser patch. Chrome uses an older version of WebKit that has not been repaired. Another security researcher, Rishi Narang, claimed to have found a way to crash Chrome with a malicious link. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/
Current thread:
- Google's Chrome Browser Not Yet Secure InfoSec News (Sep 04)