Internet Explorer a Security Vulnerability for Google Chrome
Article by George Norman
On 28 Apr 2009
It seems that users who have Microsoft Internet Explorer and Google Chrome installed on their machine are exposing themselves to malicious attacks simply because the two browser versions do not play well together. According to Google, visiting malicious web pages could permit an attacker to run scripts on the targeted machine.

“An error in handling URLs with a chromehtml: protocol could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions. If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker's choice,” explained Google Chrome Program Manager, Mark Larson.

Advertising

The security hole’s security rating is “high” because it allows universal cross-site scripting (UXSS) with no interaction from the user (in certain conditions of course). Chrome versions affected by this issue include version 1.0.154.55 and earlier versions. Google has already fixed the problem with the release of Chrome 1.0.154.59

“These issues pose a major threat to any user that browses a maliciously crafted page using Internet Explorer and has Google Chrome installed alongside. It is important to note that the way Internet Explorer processes URL protocol handlers is a known Achilles’ heel and has been widely used previously to attack other various applications,” explained Roi Saltzman, the security researcher that is credited for discovering this vulnerability. It is important to update your Chrome browser, if you are running it alongside Internet Explorer, for the simple reason that a proof-of-concept code for exploiting the vulnerability is available on the wild (that’s to say it is publicly available as you can see here).

When asked to comment on the matter, Microsoft stated that vulnerabilities in its code are not to blame for the problems with Chrome.



Tags: Google, Chrome, Microsoft, Internet Explorer,
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 19 Jul 2017
If I make a prediction and it comes true, feel free to look at me in awe and praise me for my amazing skills. But if the prediction doesn’t go like I said, feel free to mock and point at me while laughing.
By George Norman on 09 Aug 2017
Android started out as an underdog, as the mobile operating system that nobody took seriously. Big-name tech companies laughed it off and critics said it would fail miserably, but Android proved them all wrong and become the powerhouse that it is today.
By George Norman on 16 Jun 2017
When companies pick an official slogan or motto, they usually go with something they think will impress. Well, these aren't your regular slogans. These are snarky slogans thought up by a cranky a-hole.
By George Norman on 19 Jun 2017
Don’t worry. I’m not going to rehash all those facts that everyone already knows about Bill Gates, like how he got arrested for driving without a license, that he is a college dropout, and that he plans to give most of his fortune to charity.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Internet Explorer a Security Vulnerability for Google Chrome
HTML Linking Code