Skip Links

Network World

Security Blog

Chrome gets a ding

By SecurityBlog on Wed, 09/03/08 - 7:29am.
Newsletter Signup

Like the dread of getting a ding in that new car, Google experienced its first ding with its much hyped Chrome browser. While the new Internet surfing tool does a good job of sandboxing applications running in tabs and tries to keep a lid on memory use, researchers have found a flaw in the WebKit engine Chrome uses. The WebKit is vulnerable to a carpet bombing attack that could land a malicious Java JAR file on a victim's machine in two seemingly harmless clicks.

The good news is this is the same vulnerability that plagued Apple's Safari browser and there's a patch available for that, so Google should be able to polish Chrome up pretty quickly. That said, I am sure there will be more dings down the road given the high profile nature of the application and its creator.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • You can use BBCode tags in the text.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <p> <strong> <i> <br /> <br> <ul> <ol> <li> <dl> <dt> <dd> <blockquote>

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Welcome, visitor. Register Log in
Advertisement:
About SecurityBlog
SecurityBlog is written by Network World Multimedia Editor Jason Meserve.