[ISN] Google's Chrome Browser Not Yet Secure

From: InfoSec News <alerts_at_private>
Date: Thu, 4 Sep 2008 02:18:32 -0500 (CDT)
http://www.informationweek.com/news/internet/google/showArticle.jhtml?articleID=210300297

By Thomas Claburn
InformationWeek
September 3, 2008

Google (NSDQ: GOOG)'s Chrome browser is only a day old, but security 
researchers already have found vulnerabilities that can be exploited.

According to a report published by ZDNet, security researcher Aviv Raff 
has found that he can combine a flaw in the open source WebKit engine 
with a Java bug to dupe Chrome users into downloading executable files.

Apple, which uses WebKit in its Safari browser, fixed this flaw with its 
Safari 3.1.2 browser patch. Chrome uses an older version of WebKit that 
has not been repaired.

Another security researcher, Rishi Narang, claimed to have found a way 
to crash Chrome with a malicious link.

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/
Received on Thu Sep 04 2008 - 00:18:32 PDT

This archive was generated by hypermail 2.2.0 : Thu Sep 04 2008 - 00:28:34 PDT