Google buffs Chrome with security update
PrintSilent patch fixes bug brace
Posted in Enterprise Security, 7th May 2009 12:45 GMT
Free whitepaper – PowerEdge M1000e, M600 and M605 spec sheet
Google has pushed out an update for its Chrome browser that lances two vulnerabilities, one of which it defines as critical.
The critical flaw involves a failure to properly validate input from a renderer (tab) process. Successful exploitation of the flaw might allow the injection of hostile code onto vulnerable systems, hence the critical tag.
The second "high risk" flaw involves problems in calculating image size. The security bug creates a means for hackers to crash vulnerable systems, for example after tricking users into visiting malicious constructed websites.
Both flaws are explained in more depth in an advisory by Google here. It's the second time in two weeks that Google has updated its browser software in response to a security problem. A previous update - issued on 23 April - addressed an unrelated lower-risk security bug.
Google Chrome contains a background updating function so the browser will update itself to the latest version, Chrome 1.0.154.64, unbeknownst to most users. ®
Free whitepaper – Out-of-box comparison between Dell, HP, and IBM blade servers
What Exchange can't do - and Dell can
Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive