Google Chrome was released yesterday with some useful features and i was excited with its features, but with in few hours a security researcher Aviv Raff discovered that Google Chrome is vulnerable to carpet-bombing flaw. This vulnerability could expose Windows users to malicious hacker attacks. (via ZDNet)
The flaw is a combination of two vulnerabilities, a flaw in Webkit rendering engine and a Java bug. Using this flaw a malicious hacker can lure chrome user to download an executable, that gets executed with out warning.
Aviv Raff has setup a demo of the exploit here (this page downloads a Java file to your desktop, but it won’t harm your system, it is just a notepad file), this page shows how malicious hacker can plant malware on Windows desktops.
Google Chrome is using an older version of Webkit (525.13 (Safari 3.1),), Apple fixed this flaw in Safari 3.1.2. Google has talked high on security but used a vulnerable rendering engine, hopefully they will fix it soon.
Related Posts
Tumblr adds two-factor authentication to improve security
Chrome App Launcher is now available to Windows users
Gmail now always uses HTTPS encryption for all messages
Google launches Indoor Maps in India
Google launches Photowall for Chromecast app for beaming photos to your TV
Internet Explorer Security Update Available
Google releases “OK Google” Chrome extension for hands-free voice search
Google Chrome: Google Working on its own browser
