Google has issued an update for its new Chrome browser, following a critical security flaw found by Vietnamese security researchers.
Click to enlarge
According to a report in techworld.com, a researcher at the Hanoi University of Technology, the Chrome beta browser posted last week contained a buffer overflow bug that could be used by attackers to hijack PCs.
The researcher found that the flaw can be triggered when the user saves a web page – using Chrome’s “Save page as” command – with a very long name, which created a stack-based buffer overflow that hackers can leverage to introduce additional malicious code.
“To exploit the vulnerability, a hacker might construct a specially-crafted web page, which contains malicious code”. “The hacker would then trick users into visiting his site and convince them to save this page”, thereby giving access to the PC, according to the report.
Google said it has patched the vulnerability Sunday and released an updated beta, version 0.2.149.29, on the same day.