Google Fixes 'Critical' Security Hole in Chrome

Google has plugged a security vulnerability in its Chrome browser that the company considers critical.

The latest Chrome release -- version -- fixes an issue that could let a malicious hacker carry out a buffer overflow attack, Google said Monday in an official blog.

If successful, the attack could allow the hacker to crash the browser and run code on a compromised machine with the privileges of the logged-on user.

To exploit the vulnerability, the hacker would have to involve "a specially crafted response from an HTTP server," according to Google, which didn't go into more specifics in the blog posting.

Google plans to provide more details about the vulnerability once a majority of Chrome users have patched their browsers. Chrome's internal security team discovered the flaw.

This latest version also fixes other bugs, including Chrome crashes when loading some HTTPS sites.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Best of PCWorld Newsletter