Chrome 2.0 Update Fixes WebKit Security Problems
Mountain View search engine giant Google has released Chrome 2.0.172.31 on the stable channel, update that is meant to address two security issues that Google discovered were affecting WebKit. The update is nothing too spectacular if you keep in mind that the security rating Google issued for these vulnerabilities are high and medium, but if you want to stay safe and protected, then you are very well advised to update.
The security vulnerabilities in question are “CVE-2009-1690 Memory corruption” which has been give the rating “high” as it could allow an person with malicious intent to run arbitrary code within Chrome’s sandbox, and “CVE-2009-1718 Drag and drop information leak” which has been rated as “medium” as it may allow an attacker to read data that belongs to another site if the user is fooled into selecting and dragging data on an attacker controlled site.
The official description of these two security vulnerabilities is provided by Google Chrome Program Manager, Mark Larson, below:
CVE-2009-1690 Memory corruption
A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.
CVE-2009-1718 Drag and drop information leak
An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.
It must be said that this is the first update Google’s development team has released since Chrome 2.0 reached stable version at the end of May. At the time, Chrome 2.0 was touted not only as being capable of providing the most user requested features, but also of providing a 30% speed increase (details here).
If you would like to get Chrome 2.0, a download location is available here.
Tags: Google, Chrome, WebKit, Security, Vulnerability
The security vulnerabilities in question are “CVE-2009-1690 Memory corruption” which has been give the rating “high” as it could allow an person with malicious intent to run arbitrary code within Chrome’s sandbox, and “CVE-2009-1718 Drag and drop information leak” which has been rated as “medium” as it may allow an attacker to read data that belongs to another site if the user is fooled into selecting and dragging data on an attacker controlled site.
Advertising
The official description of these two security vulnerabilities is provided by Google Chrome Program Manager, Mark Larson, below:
CVE-2009-1690 Memory corruption
A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.
CVE-2009-1718 Drag and drop information leak
An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.
It must be said that this is the first update Google’s development team has released since Chrome 2.0 reached stable version at the end of May. At the time, Chrome 2.0 was touted not only as being capable of providing the most user requested features, but also of providing a 30% speed increase (details here).
If you would like to get Chrome 2.0, a download location is available here.
Tags: Google, Chrome, WebKit, Security, Vulnerability
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 09 Feb 2012
The latest stable version of Google Chrome web browser is v. 17.0 which was rolled out to the public on Wednesday, the 8th of February, one day after the release of Chrome for Android Beta 1
By George Norman on 16 Dec 2011
Earlier this week, Mountain View-based search engine giant Google announced that version 16.0 of its Chrome web browser graduated from the Beta to the Stable Channel. I remind you that Google 
By George Norman on 29 Sep 2011
Mountain View-based search engine giant is serving Chrome 15.0 to Windows, Mac and Linux users on the Beta channel. Now Betas are fidgety and tend to have problems, so unless you a hardcore fan or a tester, it’s best to stay away from them. But there is one thing that may push you to give
By George Norman on 17 Oct 2011
This Sunday, the 16th of October, people with malicious intent managed to hack into the YouTube account of Sesame Street, the popular children’s TV series. The YouTube account which regularly features child-friendly movies of Sesame Street puppets featured a different kind of contentAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Chrome 2.0 Update Fixes WebKit Security Problems
HTML Linking Code
HTML Linking Code