By Davey Winder
Tuesday, 09 September 2008 02:06
That didn't take long. Google has announced an updated version of Chrome which fixes 'confirmed security vulnerabilities' amongst other things, but plenty of problems remain unsolved...
A posting to the Google Groups Chrome support forum has announced the availability of an update to the Chrome browser.
According to the poster, the Chrome 0.2.149.27
update fixes 'confirmed security vulnerabilities', although, despite
requests from users in the forum, the poster declined to expand upon what these
might be.
However, a little digging revealed that it is likely to be the buffer
overflow problem that was identified by a Vietnamese security
researcher on September 5th.
"We have just discovered vulnerability in Google Chrome 0.2.149.27" the
Security Vulnerability Research Team at the Bach Khoa Internetwork
Security (BKIS) outfit from the Hanoi University of Technology said.
"This is the first Critical Chrome Vulnerability permitting hacker to
perform a remote code execution attack and take complete control of the
affected system. Based on Security Communities, there are 4 Chrome
Vulnerabilities discovered, and the vulnerability which we announced is
the only one that can cause remote attacks. Other vulnerabilities just
can make Chrome crashed."
The team say that they submitted the vulnerability to Google which confirmed and assigned a verifier for build 0.2.149.28.
According to Le Duc Anh, the researcher responsible, the vulnerability
is caused "due to a boundary error when handling the “SaveAs” function.
On saving a malicious page with an overly long title (<title> tag
in HTML), the program causes a stack-based overflow and makes it
possible for attackers to execute arbitrary code."
A hacker could construct a web page with the malicious code, trick the
Chrome user into visiting it and get them to save the page, which would cause
the malicious code to be executed.
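The class of bug described above is an unchecked copy of an attacker-controlled string into a fixed-size stack buffer. The following is an added illustration of the bounded alternative, not Chrome's code and not part of the original article; the helper name suggest_filename, the 64-byte buffer and the ".html" suffix are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 64  /* assumed size of the fixed buffer, for illustration */

/* Bug class described above: an attacker-controlled title copied into a
 * fixed-size stack buffer with no length check, e.g.
 *     char name[NAME_BUF]; strcpy(name, title);
 * The hypothetical helper below is the bounded alternative. */

/* Build "<title>.html" in dst without writing more than dst_size bytes.
 * Returns 0 on success, 1 if the title was truncated, -1 on bad arguments. */
int suggest_filename(char *dst, size_t dst_size, const char *title)
{
    static const char ext[] = ".html";
    const size_t ext_len = sizeof ext - 1;
    size_t room, n = 0;
    int truncated = 0;

    if (dst == NULL || title == NULL || dst_size < ext_len + 2)
        return -1;
    room = dst_size - ext_len - 1;        /* bytes left for the title part */

    for (; *title != '\0'; title++) {
        unsigned char c = (unsigned char)*title;
        if (n == room) { truncated = 1; break; }   /* stop at the bound */
        if (c < 0x20 || c == '/' || c == '\\' || c == ':')
            c = '_';                      /* no control chars or separators */
        dst[n++] = (char)c;
    }
    if (n == 0)
        dst[n++] = '_';                   /* empty title still gets a name */
    memcpy(dst + n, ext, ext_len + 1);    /* suffix plus terminating NUL */
    return truncated;
}

int main(void)
{
    char title[4097], name[NAME_BUF];     /* constructed over-long title */
    memset(title, 'A', sizeof title - 1);
    title[sizeof title - 1] = '\0';
    int rc = suggest_filename(name, sizeof name, title);
    printf("rc=%d len=%zu\n", rc, strlen(name));
    return 0;
}
```

The truncation return value lets the caller decide whether to warn the user or fall back to a default name instead of silently accepting a cut-off title.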
Other problems fixed by the update include that of URLs containing ':%'
which could cause Chrome to crash. Unfortunately, as confirmed by
posters to the support forum, other problems such as non-working
trackpads remain.
And, of course, the much written about WebKit blended threat
vulnerability has not been fixed either.