Critical Vulnerability Patched in Google's Chrome
A Vietnamese security company has found a critical vulnerability in Google's new browser Chrome, but Google has already released patch for that problem and at least one more.
The vulnerability is one of several problems identified in the browser since it was released early last week. The bug is a buffer overflow that occurs if a user saves a Web page containing an overly long "title" tag, according to Bach Koa Internetwork Security (Bkis), based at the Hanoi Institute of Technology.
The browser can encounter a problem trying to save a file with the name contained in the overly long title tag. An attacker could then have control of the PC and could execute other code on the machine, Bkis wrote on its blog. The problem can be exploited on PCs running Windows XP SP2 and Chrome version 0.2.149.27.
Chrome users are advised to upgrade to the latest version. To do that, go to the wrench icon in the upper right hand corner of the browser and down to "About Google Chrome." The browser will then check for an update. If there is one, Chrome will download it and ask to restart. The up-to-date version is 0.2.149.29.
Although Google has been working on Chrome for two years, it still considers the browser a beta version. The company was using the browser internally among its employees for some time, but its surprise unveiling last week set the browser loose to the general public in more than two dozen languages.
Last week, researcher Aviv Raff wrote that Chrome had a vulnerability due to its use of an outdated version of WebKit web browser engine. The vulnerability is know as the "carpet bombing" flaw, which can cause Windows to download a potentially dangerous JAR (Java archive) and execute it without warning users. Google has also fixed that flaw, a company spokesman said Monday.
The second problem identified shortly after Chrome's release could allow hackers to force Chrome to crash. That vulnerability, found by security researcher Rishi Narang, could be exploited by constructing a malicious link of a certain format, according to Narang's advisory.