TechTarget

Google fixes severe security vulnerability in Chrome browser

Google has released a new version of its Chrome...

Google has released a new version of its Chrome browser to fix a "high severity" security problem.

An error in handling certain URLs in Google versions cross-site scripting (XSS) without user interaction, said Mark Larson, Google Chrome program manager.

"If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker's choice," he said.

According to Larson, such an attack only works if Chrome is not already running.

XSS attacks can make a web browser process unauthorised code such as JavaScript to carry out a variety of other attacks such as stealing personal information.

The Chrome vulnerability was reported to Google by Roi Saltzman, a security researcher at IBM Rational Application Security Research Group.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close