Thursday, September 4, 2008

Chrome's First Security Hole Found

One of the Chrome features Google touted was sandboxing and security. Poof, no problem, right? Unfortunately, because Google built its Chrome beta on an old version of WebKit, a bug Apple already patched in Safari 3.1.2 leaves Chrome vulnerable to "carpet bombing" attacks, in which a web page makes the browser save files to the user's desktop without asking.

Yes, I know it's beta, but it's humorous because of Chrome's stance on security, plus it once again shows why you shouldn't use a beta product on your primary system.

Additionally, this was a well-known bug, so Google should have been aware of it; it really tarnishes Chrome's beta release (bad pun intended).

Researcher Aviv Raff discovered the flaw just hours after Chrome's release; by combining the WebKit flaw with a Java bug discussed at this year's Black Hat conference, users can be tricked into launching executables directly from the browser.

The proof-of-concept (harmless) demo is here. Of course, it relies on social engineering (meaning human error: a human has to click the button) for the attack to launch, but we users are so gullible sometimes.

Check Google Chrome's About box or its user-agent string and you can see that Chrome is actually using WebKit 525.13 (the Safari 3.1 engine), which, as I said, is outdated.
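The user-agent check above can be automated, for instance over a web server's access log, to spot clients still running the pre-patch engine. The script below is an added example written for this post, not code from Google, Apple or Aviv Raff. The user-agent strings are constructed for the example (the Chrome beta one reproduces the format the post describes, with AppleWebKit/525.13), and the "first patched build" number is an assumption: the post only establishes that 525.13 is older than the Safari 3.1.2 engine, so replace the placeholder with the build your own patched Safari reports.

```javascript
// Added example (not from the original post): pull the WebKit build number out
// of a browser user-agent string and flag builds older than the patched engine.

// Constructed sample user-agent strings for this example.
const UA_SAMPLES = {
  chromeBeta:
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 " +
    "(KHTML, like Gecko) Chrome/0.2.149.27 Safari/525.13",
  safariPatched:
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.21 " +
    "(KHTML, like Gecko) Version/3.1.2 Safari/525.21",
  firefox3:
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) " +
    "Gecko/2008070208 Firefox/3.0.1",
};

// ASSUMPTION: the post does not state which WebKit build Safari 3.1.2 ships;
// 525.18 is a placeholder threshold and must be replaced with the build number
// reported by a known-patched Safari 3.1.2 before relying on this check.
const FIRST_PATCHED_BUILD = [525, 18];

// Parse "AppleWebKit/525.13" into [525, 13]; returns null when no WebKit token
// is present (Gecko, Trident and other engines fall through here).
function parseWebKitBuild(ua) {
  const m = /AppleWebKit\/(\d+(?:\.\d+)*)/.exec(ua);
  if (!m) return null;
  return m[1].split(".").map(Number);
}

// Numeric comparison of dotted build numbers, component by component, so that
// 525.9 sorts below 525.13 (a plain string compare would get this wrong).
// Returns a negative number, zero, or a positive number like strcmp.
function compareBuild(a, b) {
  const n = Math.max(a.length, b.length);
  for (let i = 0; i < n; i++) {
    const x = a[i] || 0;
    const y = b[i] || 0;
    if (x !== y) return x - y;
  }
  return 0;
}

// Classify one user-agent string:
//   "not-webkit" - no AppleWebKit token at all
//   "pre-patch"  - WebKit build older than FIRST_PATCHED_BUILD
//   "patched"    - WebKit build at or above FIRST_PATCHED_BUILD
function classifyUserAgent(ua, minBuild = FIRST_PATCHED_BUILD) {
  const build = parseWebKitBuild(ua);
  if (!build) return "not-webkit";
  return compareBuild(build, minBuild) < 0 ? "pre-patch" : "patched";
}

// Filter a batch of user-agent strings (e.g. one per access-log line) down to
// the clients that still carry the pre-patch engine.
function findPrePatchClients(uas) {
  return uas.filter((ua) => classifyUserAgent(ua) === "pre-patch");
}

// Stand-alone run: print the verdict for each constructed sample.
if (typeof require !== "undefined" && require.main === module) {
  for (const [name, ua] of Object.entries(UA_SAMPLES)) {
    console.log(name.padEnd(14), classifyUserAgent(ua), parseWebKitBuild(ua));
  }
}
```

In a page served to end users the same `classifyUserAgent` can be pointed at `navigator.userAgent` to warn Chrome beta testers that their build still carries the unpatched engine. Remember that a user-agent string is client-supplied and trivially spoofed, so treat the result as an inventory hint, not a security control.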

[TechnologyExpert]
