Friday, September 05, 2008

Alarming security bug in Google Chrome 

Some security experts, whose names I can't find offhand, have discovered a bug in Google's new "Chrome" browser that could sidestep all of Chrome's security measures and take over your computer.

The good news is that it can only happen while you're saving a web page, there's no evidence of bad guys trying this in the wild, and it's unlikely that they will given how few Chrome installations there are.

What's alarming is that it's a kind of bug ("stack based buffer overflow") that can usually be avoided by checking a program with well-known tools, and which can usually be blocked from taking over your computer if the programmers use appropriate options when they translate the program from a human-readable computer language into an executable program.

Without the details, it's impossible to tell whether this is just the kind of accident that could happen to anybody, or whether Google has been overlooking precautions that should be standard procedure these days. If the latter, we'll know because there will be a flood of security bug reports in short order.

|

This page is powered by Blogger. Isn't yours?