Tuesday, September 9, 2008

Chrome Security Vulnerabilities Continue to Pile Up

Chrome's first security vulnerability was found hours after its intro; since then other vulnerabilities in a browser that's touted as being ultra-secure have shown up. Of course, as I said earlier, the software is labeled beta, so you should be expecting bugs, whether security bugs or not.

Still, its somewhat ironic the browser that Google has touted to be so secure has been hit with so many "finds" so quickly.

First up, a DoS vulnerability found by Rishi Narang at EvilFingers:

An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window "Whoa! Google Chrome has crashed. Restart now?". It crashes on "int 3" at 0x01002FF3 as an exception/trap, followed by "POP EBP" instruction when pointed out by the EIP register at 0x01002FF4.
Vietnamese security firm Bach Khoa Internet Security (SVRT-Bkis) has found a buffer-overflow vulnerability in Chrome 0.2.149.27 and posted details on its blog. The company says:
We (SVRT-Bkis) have just discovered vulnerability in Google Chrome 0.2.149.27. This is the first Critical Chrome Vulnerability permiting hacker to perform a remote code execution attack and take complete control of the affected system.


We have submitted this Vulnerability to Google. They confirmed and assign a verifier for build 0.2.149.28. At this time, we recommend Chrome users do not access any untrusted website or use “Save As” function until the vunerability is fixed.
As I said, this is a beta, and it's the first beta. But while Chrome is labeled beta, so are many other Google products, some of which have been in beta for what seems like forever. This type of usage of the term "beta" may give users a false sense of security (no pun intended). After all Gmail users have been it for years and it's still in beta.

Given that, how are users supposed to know what's safe to use and what's buggy? As hard as Google may find to admit this, when Microsoft, for example, releases a beta product, it means it, and eventually moves that product to release status.

I must admit that it's become far more common to release beta products to wide public use, to get them out into the market sooner. For me, I usually give such products a try, and then wait for the dust to settle before I really dive in.

[TechnologyExpert]

No comments:

Post a Comment