Older Webkit Confers Vulnerability on Chrome - Open Networks Today

« NebuAd's CEO Packs His Bags | Main | O.k. Maybe NebuAd IS Close to the Brink »

September 4, 2008

Older Webkit Confers Vulnerability on Chrome

Google’s new browser uses an older version of Webkit that includes a disagreeable vulnerability. Colleague Andy Patrizio noted it last night:

“The security site SecuriTeam has found a serious weakness in Chrome’s handling of malicious code. Chrome uses an older version of WebKit, the open-source browser technology also used in Apple’s Safari browser, that includes the vulnerability.

“Chrome has a download progress bar that, when clicked, will execute the file that has just been downloaded. If it’s an executable, a window will pop up, warning the user about downloading malicious code. But if it’s a Java archive file, a .JAR, it will run it with no warning.

“Another vulnerability, which has a proof of concept on the site Evil Fingers, makes it possible to craft a specific link to crash the browser.”

(Link)

E-mail

0 Comments

Digg This

add to del.icio.us

Posted by mhall at 11:43 AM | Add Comment

Leave a comment

NEWSLETTER

Be a Marketplace Partner

RECENT ENTRIES

ARCHIVES

MONTHLY ARCHIVES

September 2008

August 2008

July 2008

June 2008

May 2008

April 2008

March 2008

February 2008

January 2008

December 2007

November 2007

October 2007

September 2007

August 2007

July 2007

internet.commerce

Partner With Us

BLOGROLL

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers

Whitepapers and eBooks
Intel PDF: Virtualization Delivers Data Center Efficiency Intel eBook: Managing the Evolving Data Center Microsoft Article: BitLocker Brings Encryption to Windows Server 2008 Symantec eBook: The Guide to E-Mail Archiving and Management Microsoft Article: RODCs Transform Branch Office Security Go Parallel Article: James Reinders on the Intel Parallel Studio Beta Program		Avaya Article: Advancing the State of the Art in Customer Service Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers Avaya Article: Avaya AE Services Provide Rapid Telephony Integration with Facebook Go Parallel Article: Getting Started with TBB on Windows HP eBook: Storage Networking , Part 1 MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts
Intel Seminar: Efficiencies in Hardware/Software Virtualization HP Webcast: Disaster Recovery Planning Go Parallel Video: Performance and Threading Tools for Game Developers		HP Video: StorageWorks EVA4400 and Oracle HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits
IBM TCO eKIT: Your IT Budget is Under Attack, Get in Control IBM Energy Efficiency eKIT: Learn How to Reduce Costs 30-Day Trial: SPAMfighter Exchange Module		Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos
Microsoft Article: Silverlight Streaming--Free Video Hosting for All Featured Algorithm: Intel Threading Building Blocks - parallel_reduce		HP Demo: StorageWorks EVA4400 MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES