Best offers
|
Windows 7 Home Premium (Upgrade) | $79.99 STAPLES More info |
|
Office 2007 Home and Student (Full... | $105.91 Royaldiscount.com More info |
|
Windows 7 Ultimate (Upgrade) | $139.99 STAPLES More info |
|
Windows 7 Home Premium - 3 Users... | $149.99 STAPLES More info |
|
Office 2007 Professional (Academic) | $124.99 Royaldiscount.com More info |
Benchmarking Windows 7: Harder, Better, Faster, Stronger?
Often hailed as the solution to Windows Vista performance problems, we wanted to know just how much better Windows 7 really is. We put one of our most recent test platforms through its paces to find out, benchmarking raw performance and responsiveness. Read More
-
Tom's Definitive Linux Software Roundup: Communications Apps
This is the second part of our Linux Software Roundup. Part one covered Internet Apps. Today we'll be looking at Communications Apps. This includes personal information managers, email clients, instant messengers, VoIP software, and IRC clients. Read More
-
How To: Windows XP Mode In...Ubuntu Linux?
Windows 7's XP Mode has already convinced many users who sat out for Vista to go out and upgrade. But will they buy the right version of Windows 7 to get XPM? You do know you can get the same XP functionality from a Linux distribution for free, right? Read More
Partners
The Games selection
action :
Yoyo the Star
Yoyo is a young girl who recently graduated and dreams to become a movie star (don't we all). You'll have to guide her on the path to stardom,...
|
kids :
Bob
Throw bubbles so as to make the ones that appear in the game disappear. For this, use the Right / Left arrow keys to duck or move about, and the...
|
Sponsored links
Vulnerability Exposed in Google Chrome Beta
Next news- Email |
- Print |
- Comments (5) |
- Share
Every piece of software on the planet is subject to its share of bugs and flaws at some point in time. It is part of human nature to make mistakes, in this situation it is in the lines of software code. Equally, Internet Explorer, Mozilla and Safari have seen their fair share of interesting ‘features’. It is only expected to see the same thing happen with Chrome, Hence the reason why it is in public Beta stages at this point.
A few hours after the launch of the Chrome public Beta, security researcher Aviv Raff found a hole in the new browser. The new found flaw targets an older version of the WebKit rendering engine. Apple’s latest Safari release uses a newer version of WebKit which is immune from this specific flaw, however Chrome does not.
Aviv Raff has publicized a ‘proof-of-concept’ demonstration showcasing this vulnerability. The demonstration causes Firefox to prompt its users of a Java JAR file download. In Chrome, the file is automatically downloaded without any prompting to the users desktop. Malicious programmers with some good con-artist skills could easily use this vulnerability to trick users in to executing the Java application. The possibilities with what the Java does are endless at this point, just use your imagination.
Raff’s demonstration uses a simple Java based text editing application. You can view the demonstration here.
ZDNet also mentioned that this vulnerability could be used to execute a ‘combo attack’ through an un-patched Internet Explorer flaw. Raff had already spoke of this flaw in relation to Safari back in the last quarter of May. He has not yet released the details, however.
Source : Tom's Hardware
IT'S A FREAKING BETA VERSION!!!!
Google said themelves that they are not done with it yet. When they get a final version, we should test that to see if it has the same issues.
IT'S A FREAKING BETA VERSION!!!!Google said themelves that they are not done with it yet. When they get a final version, we should test that to see if it has the same issues.
GET A FREAKING CLUE!!!!
That doesn't mean people shouldn't look at it and reveal bugs and security flaws to the Chrome team. Thats how a buggy, insecure Beta becomes a stable final version. Much better to have thousands of eyes looking for flaws then maybe less than a hundred or whatever the size of the chrome team is.
I agree with you about that... other then the get a clue part. It is not that THG posted this, but they are the only ones I can post on.
. Anywho, I still like it. But that’s the great things in life, we can choose what we like and don’t.
It bothers me that people will say that it is bad or this is a big problem when this isn't a final release candidate yet. Yes troubleshooting needs to be done and the best way to do it is by giving it to the masses. I understand that. But don't make a big deal out of a test version. If we did that, then when Google had a basic copy of Android (before the new GUI and further update/grades to it), no one would get it because it was so basic and nothing really did anything special. I think people should recognize that there are current issues but not worry about it or report it like this will always be there.
But like you siad, people should look at it and reveal bugs and security flaws to the Chrome Team. Why is it news? We all knew this would be there because of the toolkit they used to build it. Once they update the toolkit to the newest version, the issue is gone.
Oh, wow.... I think I ranted to long
Good luck!
it is a big deal to use older vulnerable coding to beta test as some users will run into those malicious attacks and be left stranded thanks to the developer not using the latest possible security fixes
ive run the chrome and some flash sites cause the CPU to go 100% and i cant close any of the browser or open task manager to end anything
a flaw with implemented shockwave on the beta
Ahh... I do think it is strange they did use the newest toolkit, but what are you ganna do?
Did you try to use Chrome task manager to close the operation?