Posted on Sep 3, 2008, 11:35 am, UTC

Google Chrome vulnerable to Java bug

An Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google Chrome browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.

Ironically, the WebKit flaw this targets was patched already by Apple. Raff has created a demonstration for the flaw that will download a Java Archive file onto a user’s desktop that gets executed without warning. Once the user double-clicks the download at the bottom of the screen, the application is opened.

The demonstration, available here, reportedly opens up a harmless notepad application written in Java.

Source:→ eWeek

Related Resources:

Advertising:

Filed under: Exploits, Vulnerability,Google Chrome,Java

Recommend this story

Email Newsletter

Missing out on the latest diTii.com news? Enter your email below to receive future announcements direct to your inbox. An email confirmation will be sent before your subscription is activated - please check your spam folder if you don't receive this.

About the AuthorDG

View all posts by DG

Leave a Reply

2 Responses to “Google Chrome vulnerable to Java bug”

  1. » Google Chrome - Day 2 - September 3, 2008

    [...] old version of WebKit used in Google Chrome has been found vulnerable already that would, with little social engineering, allow malwares to be downloaded onto user’s [...]

  2. » Google fixes Chrome vulnerabilities - September 8, 2008

    [...] however, no need to mention Beta ones. Google Chrome was struck with several vulnerabilities (more here, and here). Google recently started spreading the release to small groups quietly according to [...]

Skip to Content | Refresh page | Top | Back

Find us on Facebook