Google updates Chrome security; withdraws crashing development browser

Share this article:
Security holes in nascent Google Chrome patched
Security holes in nascent Google Chrome patched

Google Chrome was updated Wednesday to fix two security issues in the WebKit web browser engine.

A memory corruption issue, labeled "Severity: High" by Google, existed in WebKit and could have caused arbitrary code execution in the Chrome sandbox, which is designed to run applications in restricted environments to prevent exploits, according to a post on the Google Chrome Releases blog.

Another security issue was manifest in WebKit's handling of "drag events," in which a user clicks on the mouse and drags it somewhere else before releasing, that could have led to the disclosure of information when content was moved over a maliciously crafted web page.

“An attacker might be able to read data belonging to another website, if a user can be convinced to select and drag data on an attacker-controlled site," said Mark Larson, Google Chrome program manager.

In a separate development, Google on Wednesday announced patches for security issues in a "dev version" of its Chrome browser. But Google withdrew the updates an hour later.

Google Chrome had been released to the development channel for Windows, Mac OS X, and Linux, according to an announcement on a Google Chrome Releases blog. But later it was withdrawn because it caused numerous crashes on testers' machines.

In a note posted on the blog, Larson said: “I'm stopping the update of this build. Apologies to those who've already got the update. We'll push a fix as soon as we can [on Thursday].”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.