Feeds

Google Chrome update fills in parsing bug

Browser engine gets security tune-up

Remote control for virtualized desktops

Google has published a update to its Chrome browser that addresses a newly discovered high risk security hole.

Chrome version 3.0.195.24 sorts an error in processing long floating point numbers that creates a means for hackers to execute malware within the Google Chrome sandbox. The flaw in the dtoa() component of Chrome's engine is of a type that might lend itself to drive-by download attacks, as explained in Google's advisory here.

Although any malware would only run inside Chrome's sandbox, Google still defines the flaw as "high risk". Security notification firm Secunia goes further and describes the flaw, discovered by Maksymilian Arciemowicz of SecurityReason (advisory here), as "highly critical". ®

Beginner's guide to SSL certificates

More from The Register

next story
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.