Google on Tuesday plugged three vulnerabilities in
Chrome version 2. One of the vulnerabilities, ironically discovered by competing browser manufacturer Mozilla and which could enable malicious
JavaScript to read unauthorized memory, received a severity level of "high." If exploited, an attacker could run arbitrary code inside the Chrome
sandbox, a browser feature that runs applications in restricted environments. The updated Chrome version also fixes a high-severity XML vulnerability, and prevents the browser from reaching SSL sites signed with weaker MD2 and MD4 hashing algorithms. — DK