You are here: silicon.com > Software > Security Strategy

Security Strategy

Google plugs two critical Chrome vulnerabilities

Browser holes could have left users open to attack

Tags: browser, google, chrome

Printer Friendly Email Story RSS

By Stephen Shankland

Published: 26 August 2009 09:03 GMT

Google has fixed two high-severity vulnerabilities in the stable version of its Chrome browser that could have let an attacker remotely take over a person's computer.

With one attack on Google's V8 JavaScript engine, malicious JavaScript on a website could let an attacker gain access to sensitive data or run arbitrary code on the computer within a Chrome protected area called the sandbox, Google said in a blog post Tuesday. With the other, a page with XML-encoded information could cause a browser tab crash that could let an attacker run arbitrary code within the sandbox.

Chrome 2.0.172.43 fixes the issues and another medium-severity issue. Once Chrome is installed, it retrieves updates automatically and applies them when people restart the browser.

Google won't release details of the vulnerabilities until "a majority of users are up to date with the fix", engineering program manager Jonathan Conradt said in the blog post.

Original article: Google patches severe Chrome vulnerabilities from CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Google Chrome for Linux, arriving soon in 64 bits

Google's Chrome beta niceties show the seriousness of browser battle ahead

Google gives Chrome a shine with the launch of 29 themes

Microsoft after Gates, Google Chrome, ID cards, printer woes and more

Chrome OS: What Google can do, Ubuntu does better

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
Global Production Support Manager - Post Trade Securities

Global Production Support Manager - Post Trade Securities - Top Tier Investment Bank Global Production Support Manager - Post Trade Securities - Top ...

Senior Web Designer

Thespecificresponsibilitiesof this post include: designing and building great websites and templates for our customer facing sites providing ...

Lead Designer - Digital Agency / Website Build

Ideally with an agency background, you'll show a portfolio which includes strong creative and design skills, multi browser experience, brand ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?

Users tell SAP: 'We need to talk more'

Second iPhone worm: A botnet risk

Outsourcing: CIOs' tips on getting it right




Quick Sitemap Links: