Google Chrome Polishes Its First Security Update


Posted by George Hulme, Sep 8, 2008 07:26 PM

Last week, Google released its shiny new Chrome browser. However, before the week finished, Google also had to issue a patch for one of security's most common -- and most well-known to developers -- application security issues: a buffer overflow vulnerability that would make it possible for an attacker to completely take over your system.


According to this advisory, security firm SVRT-Bkis found a critical buffer overflow in Google Chrome that would enable an attacker to take complete control of an unpatched system.

From the advisory:

Type of Issue : Buffer Overflow.

Affected Software : Google Chrome 0.2.149.27.

Exploitation Environment : Google Chrome on Windows XP SP2.

Impact: Remote code execution.

Rating : Critical.

Description :
The vulnerability is caused due to a boundary error when handling the "SaveAs" function. On saving a malicious page with an overly long title (<title> tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users' systems.

How an attacker could exploit the issue :
To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code. He then tricks users into visiting his Web site and convinces them to save this Page. Right after that, the code would be executed, giving him the privilege to make use of the affected system.

Fortunately, Google promptly fixed the flaw. Just make sure you are running version 0.2.149.29 or higher. You can do that by selecting About, then Update within Chrome, or visiting this Google page (http://www.google.com/chrome/).

I've a suspicion we've many more Google Chrome security-related updates on the way.
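The bug class the advisory names, a stack-based overflow triggered by an overly long page title during a save, comes down to copying attacker-controlled text into a fixed-size buffer without checking its length. The C code below is an added example, not Chrome's code and not taken from the advisory: it assumes a hypothetical save routine that derives a file name from the title, and `suggest_filename`, `NAME_MAX_LEN` and the `.htm` suffix are names chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 260  /* assumed buffer size (the value of Windows MAX_PATH) */

/* Unsafe pattern, shown only as a comment: a fixed stack buffer filled with
 * no length check, so a long enough title writes past the end of name[]:
 *     char name[NAME_MAX_LEN];
 *     strcpy(name, title);
 *     strcat(name, ".htm");
 */

/* Hardened form: build "<title>.htm" in out[out_size], truncating the title
 * to fit. Returns the length written, or -1 if out cannot hold at least one
 * character, the extension and the terminating NUL. */
int suggest_filename(const char *title, char *out, size_t out_size)
{
    static const char ext[] = ".htm";
    const size_t ext_len = sizeof(ext) - 1;
    size_t room, n = 0;

    if (title == NULL || out == NULL || out_size < ext_len + 2)
        return -1;
    room = out_size - ext_len - 1;       /* bytes available for the title */

    for (; *title != '\0' && n < room; title++) {
        unsigned char c = (unsigned char)*title;
        /* Replace control bytes and characters Windows rejects in names. */
        if (c < 0x20 || strchr("<>:\"/\\|?*", c) != NULL)
            c = '_';
        out[n++] = (char)c;
    }
    if (n == 0)                          /* empty title: use a fixed stem */
        out[n++] = '_';
    memcpy(out + n, ext, ext_len + 1);   /* copies the NUL as well */
    return (int)(n + ext_len);
}

int main(void)
{
    char title[4096], name[NAME_MAX_LEN];
    memset(title, 'A', sizeof(title) - 1);   /* constructed overly long title */
    title[sizeof(title) - 1] = '\0';
    int len = suggest_filename(title, name, sizeof(name));
    printf("%d bytes written, ends with %s\n", len, name + len - 4);
    return len == NAME_MAX_LEN - 1 ? 0 : 1;
}
```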