24 Jun 09 Google fix critical chrome bug
The Enquirer reports that Google has fixed up a vulnerability in it’s latest release – 2.0.172.33
Writing in its bog, Google said that if a pesky hacker got ahold of it, they could crash the browser or run code with the privileges of the logged-on user.
Exploiting the security flaw would require luring the user to a poisoned web site, but Google did not provided any other details.
Whilst it’s a pretty large hole, google’s internal security team found it and not an outside hacker so it’s nice to see the security guys at google doing their jobs.
Tags: chrome security, critical, updates
09 Sep 08 German Government Against Chrome
Blogoscoped.com report that the German government have issued a warning to citizens using Google Chrome. Here’s a quote from German news Tagesschau (translated);
“The Federal Office for Information Security warned internet users of the new browser Chrome. The application by the company Google should not be used for surfing the internet, as a spokesperson for the office told the Berliner Zeitung.”
So basically, the German government fear Google is gathering too much information about it’s people 
German government being over cautious and protective or Google in the wrong with it’s lax privacy policies and mass data collection?
Tags: chrome, Federal Office for Information Security, German government, google, google chrome
04 Sep 08 First Security Flaw in Chrome
It was bound to come along sooner rather than later and readwriteweb.com reports on how Google Chrome’s download feature can be exploited by hackers.
The flaw has got to do with Chrome’s lax downloading policy. When a user downloads a file and clicks the tab below (below) to open it, it is opened straight away without any prompts or warning.
For a demo of what i’m talking about check out this file (don’t worry, nothing in it, just a demo). It was compiled by security expert Aviv Raff.
Apparently it was a known bug in WebKit (the framework behind Chrome). Safari patched up this issue months ago, but Google were using an old WebKit version to work with Chrome and hence the problem.
