back to article Google Chrome update fills in parsing bug

Google has published a update to its Chrome browser that addresses a newly discovered high risk security hole. Chrome version 3.0.195.24 sorts an error in processing long floating point numbers that creates a means for hackers to execute malware within the Google Chrome sandbox. The flaw in the dtoa() component of Chrome's …

COMMENTS

This topic is closed for new posts.
  1. David Heffernan
    FAIL

    Bodes well for Google Chrome OS

    From the official announcement of Chrome OS (http://googleblog.blogspot.com/2009/07/introducing-google-chrome-os.html):

    "And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don't have to deal with viruses, malware and security updates. It should just work."

    Why isn't there an English word for Schadenfraude?

  2. Anonymous Coward
    Happy

    @ David Heffernan

    Very clever, made me smile anyway :-)

    "Why isn't there an English word for Schadenfraude?"

    There is - Doh!

  3. John 173

    How damage

    I'm curious, how much damage could someone actually from the sandbox? Disk access? Unrestricted Memory access to the chrome processes space? Anyone have a link?

  4. scarybeasts
    Stop

    Misses the point of sandboxing

    The point of the sandbox is that it generally prevents drive-by downloads. The sandbox works to stop any persistent changes to local disk. This makes bugs inside the Chrome sandbox relatively uninteresting. In the current economies, malware authors are targeting "Critical" vulnerabilities. Thanks to the sandbox, Chrome has relatively fewer of those.

  5. Anonymous Coward
    Anonymous Coward

    Interesting balance of comments

    "Critical security problem in browswer promoted as 'inherently secure'" - 4 comments

    "Wales adopts wider use of average speed cameras" - 109 comments.

    C'mopn guys, it's WALES. It's not as if anyone actually goes there.

    AC to avoid the attentions of the Llu Llux Llan.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021