Windows 7 Versus XP: Which Belongs On Your Netbook?
Windows Vista was never really an option for netbook users, but the release candidate of Windows 7 piqued our interest. Can Microsoft finally retire Windows XP in the netbook space? Even now with RC1 available, the answer seems tied to driver development. Read More
-
Your 64-Bit Check List: Potential Issues You Might See
Hardware and software support for 64-bit operating systems is available, but the full 64-bit reality may still cause you some distress. We created a short summary of things you need to take into account before installing a 64-bit OS for the first time. Read More
-
Cryostasis: From Russia, With An Appetite For Fast Hardware
We recently had the chance to play a bit of Cryostasis, the latest title supporting Nvidia's PhysX technology. In fact, we played the game on five different hardware configurations. Want to play this one? We'll tell you what you need in order to enjoy it. Read More
- chrome for all users
- safari chrome firefox
- google chrome security review
- google chrome
- application not found google chrome
- chrome firefox internet explorer safari
- software news chrome firefox
- firefox ie chrome
- chrome download
- compare chrome firefox
- download jar
- how to change google chrome file associations
- switch chrome firefox
- browser review explorer chrome firefox safari
- google chrome security review
Partners
The Games selection
violent :
Friday the 24th
Exterminate Santa Claus's elves. Use the arrows to move, S to grab the elves, and A or W to attack them with your sword.
|
violent :
Interactive Buddy
Unwind on your interactive buddy: Do anything you want to him, it will earn you money, and you can buy other stuff to torture him with.
|
Sponsored links
Vulnerability Exposed in Google Chrome Beta
Next news- Email |
- Print |
- Comments (5) |
- Share
Every piece of software on the planet is subject to its share of bugs and flaws at some point in time. It is part of human nature to make mistakes, in this situation it is in the lines of software code. Equally, Internet Explorer, Mozilla and Safari have seen their fair share of interesting ‘features’. It is only expected to see the same thing happen with Chrome, Hence the reason why it is in public Beta stages at this point.
A few hours after the launch of the Chrome public Beta, security researcher Aviv Raff found a hole in the new browser. The new found flaw targets an older version of the WebKit rendering engine. Apple’s latest Safari release uses a newer version of WebKit which is immune from this specific flaw, however Chrome does not.
Aviv Raff has publicized a ‘proof-of-concept’ demonstration showcasing this vulnerability. The demonstration causes Firefox to prompt its users of a Java JAR file download. In Chrome, the file is automatically downloaded without any prompting to the users desktop. Malicious programmers with some good con-artist skills could easily use this vulnerability to trick users in to executing the Java application. The possibilities with what the Java does are endless at this point, just use your imagination.
Raff’s demonstration uses a simple Java based text editing application. You can view the demonstration here.
ZDNet also mentioned that this vulnerability could be used to execute a ‘combo attack’ through an un-patched Internet Explorer flaw. Raff had already spoke of this flaw in relation to Safari back in the last quarter of May. He has not yet released the details, however.
Source : Tom's Hardware
Related news
- Chrome vs Everything Else [Applications]
- Connection Stuck [General Networking]
- CHROME browser Download link. [Applications]
- Have lost signature -screenshot proof! [Tom's Hardware Forum related]
- Internet Explorer freezes/hangs up, Please help!!! [Applications]
Questions? Ask Tom's community!
IT'S A FREAKING BETA VERSION!!!!
Google said themelves that they are not done with it yet. When they get a final version, we should test that to see if it has the same issues.
IT'S A FREAKING BETA VERSION!!!!Google said themelves that they are not done with it yet. When they get a final version, we should test that to see if it has the same issues.
GET A FREAKING CLUE!!!!
That doesn't mean people shouldn't look at it and reveal bugs and security flaws to the Chrome team. Thats how a buggy, insecure Beta becomes a stable final version. Much better to have thousands of eyes looking for flaws then maybe less than a hundred or whatever the size of the chrome team is.
I agree with you about that... other then the get a clue part. It is not that THG posted this, but they are the only ones I can post on.
. Anywho, I still like it. But that’s the great things in life, we can choose what we like and don’t.
It bothers me that people will say that it is bad or this is a big problem when this isn't a final release candidate yet. Yes troubleshooting needs to be done and the best way to do it is by giving it to the masses. I understand that. But don't make a big deal out of a test version. If we did that, then when Google had a basic copy of Android (before the new GUI and further update/grades to it), no one would get it because it was so basic and nothing really did anything special. I think people should recognize that there are current issues but not worry about it or report it like this will always be there.
But like you siad, people should look at it and reveal bugs and security flaws to the Chrome Team. Why is it news? We all knew this would be there because of the toolkit they used to build it. Once they update the toolkit to the newest version, the issue is gone.
Oh, wow.... I think I ranted to long
Good luck!
it is a big deal to use older vulnerable coding to beta test as some users will run into those malicious attacks and be left stranded thanks to the developer not using the latest possible security fixes
ive run the chrome and some flash sites cause the CPU to go 100% and i cant close any of the browser or open task manager to end anything
a flaw with implemented shockwave on the beta
Ahh... I do think it is strange they did use the newest toolkit, but what are you ganna do?
Did you try to use Chrome task manager to close the operation?