English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Google Fixes a Crtical Security Flaw in Chrome

Google said that it had recently patched a critical security vulnerability in its browser 'Chrome'. The new Chrome version 2.0.172.33 comes with the patch of the vulnerability that could enable hackers to launch buffer overflow attack.

If the attack gets successful, then it allows hackers to crash down the browser and install malicious code on a targeted machine with the rights of logged-on user.

According to Google, the hackers need to use a specifically designed response from a Hyper Text Transfer Protocol (HTTP) server in order to exploit the vulnerability.

Besides, the new version of Chrome deals with two other security and stability issues, including browser crash problems faced by users at the time of loading some secure HTTPS sites.

SSLtampering vulnerability is ranked high and could be used by an active network attacker to block CONNECT request and reply. The attacker uses a non-200 response that contains malicious code. This code could be executed in the background of victim's requested SSL-protected domain.

It is said that Google will give more information about the vulnerability ones all Chrome users patch their browser. Internal security team of Chrome is credited of discovering the flaw. Users who have already been using Chrome could patch the vulnerability using the built-in update run by clicking on Tools, selecting About Google Chrome and then clicking on Update button.

In general, browser security updates have become more common now-a-days. The update marks appeared second time in two weeks, informing people that Google has updated its browser software.

Before this update, Google had released patches for two flaws on June 9, 2009 that involved the WebKit application framework used to power the open-source browser. If any user accesses a malicious website, hackers could execute a code in Chrome sandbox. There was one more flaw in WebKit's handling of drag events that helped in the disclosure of sensitive data when content was brought to a malicious web page.

According to a joint study by the ETH (Swiss Federal Institute of Technology) and Google Switzerland, automatic updates without user's confirmation is the most effective and successful way to ascertain high rate distribution of new releases, which result in a less number of vulnerable browsers.

» SPAMfighter News - 02-07-2009

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>