Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Google Chrome vulnerable to carpet-bombing flaw
Search Topic:
Uniqs:
641		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
MS Security Bulletin Advance Notification for September 2008 »
« Could someone explain this please?  
AuthorAll Replies


Sindows 7

join:2006-09-13
Hope, BC

Google Chrome vulnerable to carpet-bombing flaw

Google’s shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks.

Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities — a flaw in Apple Safari (WebKit) and a Java bug discussed at this year’s Black Hat conference — to trick users into launching executables direct from the new browser.

Raff has cooked up a harmless demo of the attack in action, showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.

»blogs.zdnet.com/security/?p=1843
to forum · permalink · · 2008-09-03 23:08:24 · Reply to this

zteardrop

join:2005-12-20
Brooklyn, NY		 Amusing. Everyone, especially GOogle thinks they are smarter than Microsoft. It will take them years to build a Secure browser.
to forum · permalink · · 2008-09-04 02:17:07 · Reply to this


hpguru
Curb Your Dogma
Premium
join:2002-04-12		reply to Sindows 7
But, but, but isn't Google's shiny new Chrome the Browser you can trust?

Oh, nevermind. My bad.
to forum · permalink · · 2008-09-04 09:21:39 · Reply to this

SUMware
Premium
join:2002-05-21		reply to Sindows 7
Already posted: »Google Chrome vulnerable to carpet-bombing flaw
to forum · permalink · · 2008-09-04 11:30:39 · Reply to this

sMh

join:2003-08-24		reply to Sindows 7
Ticking the "Ask where to save each file before downloading" option puts a stop to this flaw.
to forum · permalink · · 2008-09-04 12:50:41 · Reply to this

daveinpoway
Premium
join:2006-07-03
Poway, CA		reply to Sindows 7
A good reason not to get involved with Beta software (no matter who put it out). Wait for the final version (which will almost certainly still have flaws, but at least many of them will have been corrected).
to forum · permalink · · 2008-09-05 05:46:29 · Reply to this
-
Forums » Up and Running » Security » SecurityMS Security Bulletin Advance Notification for September 2008 »
« Could someone explain this please?  

Friday, 27-Nov 05:08:29 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [115] Time Warner Cable Fires Broadside At Broadcasters
· [109] New AT&T Ad Campaign Hits Back At Verizon
· [95] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [70] TiVo Sees Record Customer Losses
· [63] In-Flight Internet Headed For Bumpy Landing?
· [56] Thanksgiving Open Thread
· [38] ICANN Slams DNS Redirection
· [36] Senators Want ACTA Made Public
· [35] Despite Billions In USF Fees, U.S. Libraries Lack Bandwidth
Most people now reading
· Newegg Black Friday Sale started [Users Find Hot Deals]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Bell Response to PIPEDA Request [TekSavvy]
· Windows 7 boot manager editing questions [Microsoft Help]
· Whats the big deal about being "Old School"....? [World of Warcraft]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· HOW-TO: QoS and Tomato (fixes "choppy voice") [MagicJack]
· Slow speeds in the evenings [TekSavvy]
· Murdoch & Fox CEO Want '3 Strikes' Law in US (ACTA) [Security]
· [ Classes] Druid tanking: rotation and glyphs [World of Warcraft]