Chrome suffers from old WebKit vulnerability

Well, that didn’t take long. Within hours of Chrome’s release yesterday, security researcher Aviv Raff managed to find a hole in the new Google browser. As ZDNet reports, the flaw actually targets an older version of the WebKit rendering engine. Apple’s latest Safari release (3.1.2) uses a newer WebKit release that’s immune, but Chrome doesn’t.

Raff has put up a proof-of-concept demo showcasing the vulnerability. The demo causes Firefox to display a prompt asking the user to download a Java JAR file, but in Chrome, the file downloads automatically to the user’s desktop. With a little social engineering (a red arrow pointing to the file in Chrome’s download toolbar), users could unknowingly execute the Java app. The app is a simple text editor in Raff’s case, but malicious coders could easily use the flaw to plant malware on users’ systems.

Interestingly, ZDNet says the vulnerability can also lead to a "combo attack" when chained with an unpatched Internet Explorer flaw. Raff discussed that combo attack in relation to Safari back in late May, although he apparently hasn’t released details yet.
