Posted on Wednesday, September 03 2008 @ 21:26 CEST by Thomas De Maesschalck
Google Chrome has only been available for 24 hours or so, and security researchers have already found a couple of flaws in the browser. The Tech Report writes that Chrome suffers from an old WebKit vulnerability that could be used to spread malware:
Raff has put up a proof-of-concept demo showcasing the vulnerability. The demo causes Firefox to display a prompt asking the user to download a Java JAR file, but in Chrome, the file downloads automatically to the user's desktop. With a little social engineering (a red arrow pointing to the file in Chrome's download toolbar), users could unknowingly execute the Java app. The app is a simple text editor in Raff's case, but malicious coders could easily use the flaw to plant malware on users' systems.
Another security researcher found a flaw that can crash all tabs in Google Chrome. Kinda ironic, isn't it?
An issue exists in how Chrome behaves with undefined handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link which has an undefined handler followed by a 'special' character, Chrome crashes with a Google Chrome message window: "Whoa! Google Chrome has crashed. Restart now?". It crashes on "int 3" at 0x01002FF3 as an exception/trap, followed by a "POP EBP" instruction pointed to by the EIP register at 0x01002FF4.