Google Fixes Bugs Affecting Chrome 2 Browser

Google has issued security update v2.0.172.31 that takes care of two dominant vulnerabilities affecting Chrome 2, the most recent browser of Google, thereby allowing unhindered functioning of the same.

The first of the two security fixes addresses a flaw that affects the open source browser WebKit. State security experts that a problem of memory corruption exists in the way WebKit deals with recursion in specific DOM (Document Object Model) event handlers.

However, an attack is successful if the victim is first made to visit a malicious website. The vicious code on this site, nonetheless, would be sandboxed meaning that it would be restricted to an environment that would allow only certain functions. Consequently, the attacker exploiting the flaw would be able to cause only limited damage.

Meanwhile, although the environment within which the flaw could disseminate is restricted, Google rates it (flaw) as 'highly risky.'

State the Google security experts that the new update fixes the security problem via enhanced memory management.

Besides, the update also fixes a flaw in the way WebKit deals with drag events, which could result in the revelation of secret information when content is deceptively brought to a malicious web-page. As explain security specialists, if the attacker can convince a user to drag data from a certain website to a site that the attacker himself controls then he could as well read that data.

Meanwhile, during May 2009, Google released a fresh edition of the Chrome web browser that repaired two serious security flaws of which the first was rated as 'critical' and the second as 'highly risky.'

Say the security experts that Chrome is repeatedly encountering problems from the very time it was first marketed. Earlier, security researchers said that the browser's beta version had certain critical security holes that attackers could exploit without difficulty leading to the compromise of user's security.

Thus Google has been issuing security patches for Chrome as a regular affair leading people to question its status. Also, Chrome users are advised 'caution' while accessing a website or typing any confidential information on a page that might be open in the vulnerable browser.

Related article: Google Rectifies Gmail flaw in Three Days

» SPAMfighter News - 6/18/2009