Log in | Sign up


Crave Asia

Chrome suffers first security flaw

Robert Vamosi  |  Sep 04, 2008
On Wednesday, researchers announced a flaw in how the Google Chrome browser behaves with undefined handlers. An exploit provided as a demonstration crashes the new browser.

In an article on the Securiteam site, Rishi Narang from Evilfingers says a crash can occur without user interaction. If a user is provided a malicious link with an undefined handler followed by a special character, Chrome crashes.

In Google-speak, the browser displays a message: "Whoa, Google Chrome has crashed. Restart now?"

Narang found the fault in chrome.dll version 0.2.149.27. More details can be found on this Evilfingers page.

And on Tuesday, mere hours after Chrome was released, researcher Aviv Raff concocted a proof-of-concept demo to show how the Google browser could be made vulnerable to a carpet-bombing flaw and thus open a window for ill-intentioned hackers.

Via Crave CNET
Filed under:  PC & Peripherals
Leave a comment  |   Bookmark  |   Share
Slashdot
Digg
Facebook
Twitter
Delicious
Reddit
Google
StumbleUpon
close this

Add tag
To add tags, you need to become a member. It's FREE.
 

To post comments, you need to become a member. It's FREE.  

advertisement

Crave is...


The name says it all. Crave is our blog about cool gadgets and other crushworthy stuff.

Drop us an email if you have tips or suggestions.
 

Crave for...


» Mobile Phones (2154)

» Digital Cameras (948)

» Notebooks (1206)

» PC & Peripherals (1278)

» Handhelds (579)

» Printers (78)

» Home AV (1100)

» Music & Play (873)

» Gadgets (1446)

» Future Tech (379)

» Green Tech (166)

» Lifestyle (142)

» Luxury (22)

» Home Appliances (56)

» Cars (97)

» Games and Gear (226)

» Software (83)

» Web (89)

 

Previously...


2009

» November

» October

» September

» August

» July

» June

» May

» April

» March

» February

» January

2008

2007

2006

2005

2004