Security holes in nascent Google Chrome patched

Share this article:
Security holes in nascent Google Chrome patched
Security holes in nascent Google Chrome patched

Google's new Chrome browsers has been updated for several security flaws, two of which it classified as critical.

The fixes include a buffer overflow vulnerability in handling long file names that display in the “Save As... dialog.” That is, if a user saves a web page with a long title, a hacker could take over control of the PC and run malicious code.

The second critical flaw arises when the browser handles link targets displayed in the status area when the user hovers over a link, which lead to execution of arbitrary code.

Other fixes include one for an out-of-bounds memory read when parsing URLs ending with “:%,” and a change to make it impossible to have the desktop as the default directory, mitigating the risk of cluttering the desktop with unwanted downloads, some of which could be malicious.

Google Chrome users are being automatically updated; Google said automatic updates are a feature of the browser to ensure safety.

The update did not include a patch for the "carpet bomb" vulnerability disclosed by researcher Aviv Raff -- the same flaw that was once present in Apple's Safari browser.

Share this article:

Sign up to our newsletters

More in News

Russian hacker Seleznev ordered to remain in custody

Roman Seleznev's attorneys requested that the hacker be released on bond, but their pleas were rejected this past week.

Bug in iOS Instagram app fixed, impacts Facebook accounts

The vulnerability comes into play when Instagram users search for Facebook friends to "follow."

AP denied security docs on HealthCare.gov, a risk to private information

AP denied security docs on HealthCare.gov, a risk ...

The Associated Press was denied a request made under the Freedom of Information Act for documents that contain security information on HealthCare.gov.