diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

Sep032008

Google Chrome vulnerable to Java bug

An Israeli security researcher Aviv Raff has released proof-of-concept code that targets a vulnerability in an old version of WebKit being used by the Google Chrome browser as well as a Java bug. With a little social engineering, users can be tricked into downloading malware onto Windows desktops.

Ironically, the WebKit flaw this targets was patched already by Apple. Raff has created a demonstration for the flaw that will download a Java Archive file onto a user’s desktop that gets executed without warning. Once the user double-clicks the download at the bottom of the screen, the application is opened.

The demonstration, available here, reportedly opens up a harmless notepad application written in Java.

Source:→ eWeek

Share This Story, Choose Your Platform!