Google Chrome 2.0 Stable and Beta Update Fixes Critical Securit Issue

By George Norman - Software News Editor from
The development team behind Google’s take on how a web browser should look and feel has released an update for the stable version of Chrome 2.0, as well as the Beta version of the aforementioned browser. The update carries the official tag of Chrome and comes to address a security vulnerability that has been deemed by Google as “critical.”

That is the main purpose of the Chrome update that was released on the table and Beta channel – it fixes a critical security vulnerability that could allow a person with malicious intent to run code on an attacked machine with the privileges of the logged in user. The vulnerability in question is credited to the Google Chrome security team; for the time being only limited details area available, but the issue will be made public once the majority of Chrome 2.0 users have update, Google informed.
Here is the official presentation of the critical security vulnerability that Chrome fixes, as reported by Google Chrome Program Manager, Mark Larson: “CVE-2009-2121: Buffer overflow processing HTTP responses: Google Chrome is vulnerable to a buffer overflow in handling certain responses from HTTP servers. A specially crafted response from a server could crash the browser and possibly allow an attacker to run arbitrary code.”

Chrome also fixes two networking bugs that have been plaguing the software:
- When the user tries to connect to HTTPS sites, NLM authentification to Squid proxies fails.
- When the browser loads certain HTTPS sites, the Chrome browser crashes.

To my mind, the fact that Google fixed these HTTPS-related bugs is a big deal. The Mountain View-based company has recently been asked by various privacy and security researchers to enable the HTTPS encryption for Gmail, Google Docs and Google Calendars by default (details here). Google has not turned this proposal down, but said it needs to run a trial and see if the move would affect the overall user experience.

If you would like to get Chrome 2.0 Stable, a download location is available here.
Thanks for reading, Have a nice day :)!!! Suscribe my post

Tidak ada komentar:

Posting Komentar