It has been about a week since the initial release of Google’s long awaited browser which marked Google’s entry into the browser market. The launch created buzz especially on the Internet where blogs and news portals raced to be the first to post interface screenshots, tests and reviews about Google Chrome.
Even the mainstream media picked the story up. It was not uncommon to see radio and tv stations report on the new Google Browser.
Just one day after the release the first security vulnerability emerged and others followed suite.
The latest vulnerabilities emerged yesterday with the releases of proof-of-concept exploits for several Google Chrome vulnerabilities. They were kicked of by Ukrainian researchers who discovered a vulnerability that would download files automatically to the users computer. They published three specifically prepared websites that would download files automatically to the user’s computer.
The second vulnerability is making use of a buffer overflow when saving pages which can result in remote code execution on the target system.
The vulnerability is caused due to a boundary error when handling the “SaveAs” function. On saving a malicious page with an overly long title (
tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users’ systems.</p></blockquote><p>The discovery of the security vulnerabilities poses an interesting question. Why are that many security vulnerabilities discovered? Is it because the Google Chrome browser is more vulnerable than other browsers or could it be because security researchers worldwide started to flock to the browser in hopes of discovering vulnerabilities?</p><p>The Google Chrome team <a href="http://blogs.zdnet.com/security/?p=1858">responded</a> to this vulnerabilities already and promised that a patched version of Google Chrome would be available later today.</p> <script type="text/javascript">google_ad_client = "pub-5406364303442190";/* 300x250, created 2/27/09 */google_ad_slot = "1148508964";google_ad_width = 300;google_ad_height = 250;</script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script> <br /> <br /><p class="tags"> <font color="#CC6633">Tags: </font><a href="http://www.ghacks.net/tag/google/" rel="tag">Google</a>, <a href="http://www.ghacks.net/tag/google-browser/" rel="tag">google browser</a>, <a href="http://www.ghacks.net/tag/google-chrome/" rel="tag">google chrome</a>, <a href="http://www.ghacks.net/tag/google-chrome-vulnerabilities/" rel="tag">google chrome vulnerabilities</a>, <a href="http://www.ghacks.net/tag/vulnerabilites/" rel="tag">vulnerabilites</a><br /><font color="#CC6633">Categories:</font> <a href="http://www.ghacks.net/category/browsing/google-chrome-browsing/" title="View all posts in Google Chrome" rel="category tag">Google Chrome</a>, <a href="http://www.ghacks.net/category/security/" title="View all posts in Security" rel="category tag">Security</a></p><div class="navigation"><div class="alignleft"><b>Previous Post:</b> <a href="http://www.ghacks.net/2008/09/11/create-wordpress-themes/">Create WordPress Themes</a></div><br /><div class="alignleft"><b>Next Post:</b> <a href="http://www.ghacks.net/2008/09/11/a-reliable-broadband-speed-test/">A Reliable Broadband Speed Test</a></div></div> <br /><br /> <br /><h3>Related posts:</h3><ol><li><a href='http://www.ghacks.net/2008/10/28/google-chrome-address-spoofing-vulnerability/' rel='bookmark' title='Permanent Link: Google Chrome Address Spoofing Vulnerability'>Google Chrome Address Spoofing Vulnerability</a></li><li><a href='http://www.ghacks.net/2008/09/03/google-chrome-security-vulnerability/' rel='bookmark' title='Permanent Link: Google Chrome Security Vulnerability'>Google Chrome Security Vulnerability</a></li><li><a href='http://www.ghacks.net/2009/08/26/google-chrome-2-security-update/' rel='bookmark' title='Permanent Link: Google Chrome 2 Security Update'>Google Chrome 2 Security Update</a></li><li><a href='http://www.ghacks.net/2010/01/27/google-chrome-4-security-update/' rel='bookmark' title='Permanent Link: Google Chrome 4 Security Update'>Google Chrome 4 Security Update</a></li><li><a href='http://www.ghacks.net/2008/10/15/microsoft-october-2008-patch-day-patches-11-security-vulnerabilities/' rel='bookmark' title='Permanent Link: Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities'>Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities</a></li><li><a href='http://www.ghacks.net/2009/08/24/latest-google-chrome-4-dev-release-fixes-lots-of-bugs/' rel='bookmark' title='Permanent Link: Latest Google Chrome 4 Dev Release Fixes Lots Of Bugs'>Latest Google Chrome 4 Dev Release Fixes Lots Of Bugs</a></li><li><a href='http://www.ghacks.net/2009/09/15/google-releases-google-chrome-3/' rel='bookmark' title='Permanent Link: Google Releases Google Chrome 3'>Google Releases Google Chrome 3</a></li><li><a href='http://www.ghacks.net/2009/08/12/google-chrome-4/' rel='bookmark' title='Permanent Link: Google Chrome 4'>Google Chrome 4</a></li></ol><br /><div class="clr"></div><div class="navigation"><div class="alignleft"></div><div class="alignright"></div></div><div id="respond"><div class="solidline"></div><h3>Leave a Reply Follow <a href="http://feedproxy.google.com/Ghacksnet">Ghacks</a> Subscribe To <a href='http://www.ghacks.net/2008/09/11/more-google-chrome-vulnerabilities-emerge/feed/'>Comment Rss</a></h3><div class="solidline"></div><div class="cancel-comment-reply"> <small><a rel="nofollow" id="cancel-comment-reply-link" href="/2008/09/11/more-google-chrome-vulnerabilities-emerge/#respond" style="display:none;">Click here to cancel reply.</a></small></div><form action="http://www.ghacks.net/wp-comments-post.php" method="post" id="commentform"><p><input type="text" name="author" id="author" value="" size="22" tabindex="1" /> <label for="author"><small>Name </small></label></p><p><input type="text" name="email" id="email" value="" size="22" tabindex="2" /> <label for="email"><small>Mail (will not be published) </small></label></p><p><input type="text" name="url" id="url" value="" size="22" tabindex="3" /> <label for="url"><small>Website</small></label></p><p><textarea name="comment" id="comment" cols="75%" rows="10" tabindex="4"></textarea></p><p style="clear: both;" class="subscribe-to-comments"> <input type="checkbox" name="subscribe" id="subscribe" value="subscribe" style="width: auto;" /> <label for="subscribe">Notify me of followup comments via e-mail</label></p><p><input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" /> <input type='hidden' name='comment_post_ID' value='6925' id='comment_post_ID' /> <input type='hidden' name='comment_parent' id='comment_parent' value='0' /></p></form></div></div></div><div class="clr"></div><div class="navigation"><div class="alignleft"></div><div class="alignright"></div></div></div><div class="sidebars"><div class="sidebar2"><script type='text/javascript' src='http://script.tailsweep.com/js/2/24/243422_mid_content.js'></script></div><div class="sidebar3"><div class="block"><h3 class="boxedin">Recent Posts</h3><ul><li><a href="http://www.ghacks.net/2010/02/10/google-buzz-introduction/">Google Buzz Introduction</a></li><li><a href="http://www.ghacks.net/2010/02/10/internet-explorer-commercial-remover/">Internet Explorer Commercial Remover</a></li><li><a href="http://www.ghacks.net/2010/02/09/google-chrome-note-taking-extension-chromepad/">Google Chrome Note Taking Extension Chromepad</a></li><li><a href="http://www.ghacks.net/2010/02/09/recover-operating-system-after-virus-attack/">Recover Operating System After Virus Attack</a></li><li><a href="http://www.ghacks.net/2010/02/09/very-simple-network-scanner/">Very Simple Network Scanner</a></li><li><a href="http://www.ghacks.net/2010/02/09/serious-auditing-with-lynis/">Serious auditing with Lynis</a></li><li><a href="http://www.ghacks.net/2010/02/09/remove-old-notification-icons-in-windows-7/">Remove Old Notification Icons In Windows 7</a></li></ul></div><div class="block"><h3 class="boxedin">Popular Articles</h3><ul><li><a href="http://www.ghacks.net/2009/08/10/download-youtube-videos/">Download Youtube Videos</a></li><li><a href="http://www.ghacks.net/2005/12/09/free-file-host-list-december-2005/">File Host</a></li><li><a href="http://www.ghacks.net/2007/02/14/list-of-free-music-sites/">Free Movie Sites</a></li><li><a href="http://www.ghacks.net/2006/05/01/howto-watch-abc-tv-streams-outside-the-usa/">How to watch ABC TV</a></li><li><a href="http://www.ghacks.net/2009/06/04/12-imdb-userscripts/">IMDB Userscripts</a></li><li><a href="http://www.ghacks.net/2009/02/09/gmail-90-tools-and-tips-to-make-you-a-gmail-pro/">Gmail</a></li><li><a href="http://www.ghacks.net/2009/05/24/portable-google-browser-google-chrome/">Google Browser</a></li><li><a href="http://www.ghacks.net/2008/12/15/jqsexe/">Jqs.exe</a></li><li><a href="http://www.ghacks.net/2008/09/21/save-network-bandwidth/">Network Bandwidth</a></li><li><a href="http://www.ghacks.net/2009/05/28/network-monitoring-software/">Network Monitoring Software</a></li><li><a href="http://www.ghacks.net/2007/12/10/ways-to-open-office-docx-documents/">Open Docx</a></li><li><a href="http://www.ghacks.net/2008/01/04/5-rapidshare-search-engines/">Rapidshare Search</a></li><li><a href="http://www.ghacks.net/2005/12/19/watch-tv-with-your-pc/">Watch TV with your PC</a></li><li><a href="http://www.ghacks.net/2006/08/04/free-web-proxy-list/">Web Proxy</a></li><li><a href="http://www.ghacks.net/2009/04/26/the-10-best-windows-backup-software-programs/">Windows Backup Software</a></li><li><a href="http://www.ghacks.net/2009/05/29/windows-defender/">Windows Defender</a></li></ul></div><div class="block"><h3 class="boxedin">Software Updates</h3><ul><li> <a href="http://www.evernote.com/about/download/"> EverNote 3.5.1.1410</a></li><li> <a href="http://picpick.wiziple.net/download"> PicPick Tools 2.2.1</a></li><li> <a href="http://jajuk.info/index.php/Download"> Jajuk 1.8.4</a></li><li> <a href="http://www.stdutility.com/download.html"> STDU Viewer 1.5.382</a></li><li> <a href="http://www.getpaint.net/download.html#download"> Paint.NET 3.5.3</a></li></ul><div align="right">by <a href="http://appnews.net/">Appnews</a></div></div><div class="block"><h3 class="boxedin">Topics</h3><ul><li><a href="http://www.ghacks.net/category/browsing/">Browsing</a></li><li><a href="http://www.ghacks.net/category/browsing/firefox/">Firefox</a></li><li><a href="http://www.ghacks.net/category/browsing/google-chrome-browsing/">Google Chrome</a></li><li><a href="http://www.ghacks.net/category/browsing/ie/">IE</a></li><li><a href="http://www.ghacks.net/category/browsing/internet-explorer-browsing/">Internet Explorer</a></li><li><a href="http://www.ghacks.net/category/browsing/opera/">Opera</a></li><li><a href="http://www.ghacks.net/category/companies/">Companies</a></li><li><a href="http://www.ghacks.net/category/companies/adobe-companies/">Adobe</a></li><li><a href="http://www.ghacks.net/category/companies/amazon-companies/">Amazon</a></li><li><a href="http://www.ghacks.net/category/companies/apple-companies/">Apple</a></li><li><a href="http://www.ghacks.net/category/companies/microsoft-companies/">Microsoft</a></li><li><a href="http://www.ghacks.net/category/companies/palm-companies/">Palm</a></li><li><a href="http://www.ghacks.net/category/companies/yahoo-companies/">Yahoo</a></li><li><a href="http://www.ghacks.net/category/desktopmanager/">Desktop Manager</a></li><li><a href="http://www.ghacks.net/category/email/">Email</a></li><li><a href="http://www.ghacks.net/category/entertainment/">Entertainment</a></li><li><a href="http://www.ghacks.net/category/entertainment/cool/">Cool</a></li><li><a href="http://www.ghacks.net/category/entertainment/funny/">Funny</a></li><li><a href="http://www.ghacks.net/category/entertainment/games/">Games</a></li><li><a href="http://www.ghacks.net/category/gadgets/">Gadgets</a></li><li><a href="http://www.ghacks.net/category/ghacks/">Ghacks</a></li><li><a href="http://www.ghacks.net/category/google/">Google</a></li><li><a href="http://www.ghacks.net/category/hardware/">Hardware</a></li><li><a href="http://www.ghacks.net/category/ipod/">iPod</a></li><li><a href="http://www.ghacks.net/category/knowledge/">Knowledge</a></li><li><a href="http://www.ghacks.net/category/mobile-computing/">Mobile Computing</a></li><li><a href="http://www.ghacks.net/category/mobile-computing/notebooks/">Notebooks</a></li><li><a href="http://www.ghacks.net/category/mobiles/">Mobiles</a></li><li><a href="http://www.ghacks.net/category/mobiles/google-android-mobiles/">Google Android</a></li><li><a href="http://www.ghacks.net/category/mobiles/iphone/">iPhone</a></li><li><a href="http://www.ghacks.net/category/mobiles/nokia/">Nokia</a></li><li><a href="http://www.ghacks.net/category/music-and-video/">Music And Video</a></li><li><a href="http://www.ghacks.net/category/music-industry/">Music Industry</a></li><li><a href="http://www.ghacks.net/category/networks/">Networks</a></li><li><a href="http://www.ghacks.net/category/networks/server-networks/">Server</a></li><li><a href="http://www.ghacks.net/category/online-services/">Online Services</a></li><li><a href="http://www.ghacks.net/category/open-source/">Open Source</a></li><li><a href="http://www.ghacks.net/category/operating-systems/">Operating Systems</a></li><li><a href="http://www.ghacks.net/category/operating-systems/linux/">Linux</a></li><li><a href="http://www.ghacks.net/category/operating-systems/mac-operating-systems/">Mac</a></li><li><a href="http://www.ghacks.net/category/operating-systems/windows/">Windows</a></li><li><a href="http://www.ghacks.net/category/search-engines/">Search Engines</a></li><li><a href="http://www.ghacks.net/category/security/">Security</a></li><li><a href="http://www.ghacks.net/category/software/">Software</a></li><li><a href="http://www.ghacks.net/category/spyware/">Spyware</a></li><li><a href="http://www.ghacks.net/category/the-web/">The Web</a></li><li><a href="http://www.ghacks.net/category/troubleshooting/">Troubleshooting</a></li><li><a href="http://www.ghacks.net/category/tutorials-advanced/">Tutorials Advanced</a></li><li><a href="http://www.ghacks.net/category/tutorials-basic/">Tutorials Basic</a></li><li><a href="http://www.ghacks.net/category/webdevelopment/">Web Development</a></li></ul></div></div><div class="sidebar3"><div class="block"><div class="side_align"> <script type="text/javascript" src=" http://ad-cdn.technoratimedia.com/00/84/17/uat_1784.js?ad_size=160x600 "></script> </div></div><div class="block"><h3 class="boxedin">Links</h3><ul><li><a href="http://www.askvg.com/">Ask VG</a></li><li><a href="http://blog.brothersoft.com/">Brothersoft Blog</a></li><li><a href="http://www.cypherhackz.net/">Cypherhacks</a></li><li><a href="http://www.connectedinternet.co.uk/">Connected Internet</a></li><li><a href="http://www.donationcoder.com/">Donation Coder</a></li><li><a href="http://dottech.org/">Dottech</a></li><li><a href="http://freewaregenius.com/">Freeware Genius</a></li><li><a href="http://www.hackyourday.com/">Hack Your Day</a></li><li><a href="http://loginhelper.com/">Login Helper</a></li><li><a href="http://newbitsontheblog.com/">New Bits On The Blog</a></li><li><a href="http://www.onetipaday.com/">One Tip A Day</a></li><li><a href="http://otakugadgets.com/">Otaku Gadgets</a></li><li><a href="http://www.rarst.net/">Rarst</a></li><li><a href="http://www.raymond.cc/">Raymond.cc</a></li><li><a href="http://joeanderson.co.uk/blog/">Webby's World</a></li><li><a href="http://windows7news.com/">Windows 7</a></li><li><a href="http://windows8news.com/">Windows 8</a></li></ul></div><div class="block"><h3 class="boxedin">Popular Tags</h3><ul><li><a href="http://www.ghacks.net/tag/email/">Email</a></li><li><a href="http://www.ghacks.net/tag/firefox/">Firefox</a></li><li><a href="http://www.ghacks.net/tag/google/">Google</a></li><li><a href="http://www.ghacks.net/tag/internet-explorer/">Internet Explorer</a></li><li><a href="http://www.ghacks.net/tag/linux/">Linux</a></li><li><a href="http://www.ghacks.net/tag/microsoft/">Microsoft</a></li><li><a href="http://www.ghacks.net/tag/opera/">Opera</a></li><li><a href="http://www.ghacks.net/tag/security/">Security</a></li><li><a href="http://www.ghacks.net/tag/software/">Software</a></li><li><a href="http://www.ghacks.net/tag/windows/">Windows</a></li><li><a href="http://www.ghacks.net/tag/web-browser/">Web Browser</a></li><li><a href="http://www.ghacks.net/tag/windows-software/">Windows Software</a></li></ul></div><div class="block"><h3 class="boxedin">Follow This Blog</h3><a href="http://www.ghacks.net/ghacksnet-feed-list/">All Feeds</a> <br /><br /></div><div class="block"><h3 class="boxedin">Information</h3><ul><li><a href="http://www.ghacks.net/2009/10/17/facebook-login/">Facebook Login</a></li><li><a href="http://www.ghacks.net/2009/10/14/friendster-login/">Friendster Login</a></li><li><a href="http://www.ghacks.net/2009/11/02/hotmail-login/">Hotmail Login</a></li><li><a href="http://www.ghacks.net/2009/10/14/myspace-login/">MySpace Login</a></li><li><a href="http://www.ghacks.net/2009/10/11/orkut-login/">Orkut Login</a></li><li><a href="http://www.ghacks.net/2009/11/09/paypal-login/">PayPal Login</a></li><li><a href="http://www.ghacks.net/2009/10/11/yahoo-mail-login/">Yahoo Mail Login</a></li></ul></div></div></div><div class="clr"></div><div class="footer clr"><div class="sidebars"><div class="footerleft"><h3 class="boxedin">About Ghacks</h3><p>Ghacks is a technology blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular technology sites on the Internet with five authors and regular contributions from freelance writers.</p></div><div class="footermid"> </div><div class="footerright"><h3 class="boxedin">Authors</h3> <a href="http://www.ghacks.net/author/joe/">Joe Anderson</a><br /> <a href="http://www.ghacks.net/author/martin/">Martin Brinkmann</a> (Senior Editor)<br /> <a href="http://www.ghacks.net/author/cheryl/">Cheryl Correa</a><br /> <a href="http://www.ghacks.net/author/orrett/">Orrett Morgan</a><br /> <a href="http://www.ghacks.net/author/danielpataki/">Daniel Pataki</a><br /> <a href="http://www.ghacks.net/author/davidp/">David Pierce</a><br /> <a href="http://www.ghacks.net/author/jack/">Jack Wallen</a><br /></div><div class="clr"></div></div></div><div class="basement clr"><p>© 2005-2010 Ghacks.net. All Rights Reserved. <a href="http://www.ghacks.net/privacy-policy/" rel="nofollow">Privacy Policy</a> - <a href="http://www.ghacks.net/about-us/" rel="nofollow">About Us</a></p><p></p> <script type="text/javascript">var dc_UnitID = 14; var dc_PublisherID = 94263; var dc_AdLinkColor = '#0072bc'; var dc_isBoldActive = 'no'; var dc_open_new_win = 'yes'; var dc_adprod='ADL';</script> <script type="text/javascript" src="http://kona.kontera.com/javascript/lib/KonaLibInline.js"></script> <script type="text/javascript">document.write(unescape("%3Cscript src='" + (document.location.protocol == "https:" ? "https://sb" : "http://b") +".scorecardresearch.com/beacon.js' %3E%3C/script%3E"));</script> <script type="text/javascript">COMSCORE.beacon({c1: 2,c2: '6036211',c3: '',c4: '',c5: '',c6: '',c15: ''});</script> <noscript> <img src="http://b.scorecardresearch.com/b?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" /> </noscript></div></div></body></html> <!-- This site's performance optimized by W3 Total Cache. Dramatically improve the speed and reliability of your blog! Learn more about our WordPress Plugins: http://www.w3-edge.com/wordpress-plugins/ Minified using disk Page Caching using disk (enhanced) (user agent is rejected) Database Caching 12/37 queries in 0.205 seconds using disk Served from: 96.30.22.116 @ 2010-02-09 23:34:36 -->