Google on Tuesday plugged three vulnerabilities in Chrome version 2. One of the vulnerabilities, ironically discovered by competing browser manufacturer Mozilla and which could enable malicious JavaScript to read unauthorized memory, received a severity level of "high." If exploited, an attacker could run arbitrary code inside the Chrome sandbox, a browser feature that runs applications in restricted environments. The updated Chrome version also fixes a high-severity XML vulnerability, and prevents the browser from reaching SSL sites signed with weaker MD2 and MD4 hashing algorithms. — DK