Sunday, September 7, 2008

Remote hackers can attack Google Chrome browser

So far, the latest browser from Google Chrome released less than a week, security researchers discovered a buffer zone in the Chrome there are loopholes, this loophole will lead to long-range attack to take complete control of computer users.

This time, security experts detected in the buffer zone attaches great importance to the loopholes, it is in the implementation of the "Save as" command of the boundary error. If you save a Web page services in the malicious content, this process will lead to a large number of overflow error, these errors will be for remote hackers to launch malicious code control of a user's computer to create opportunities.

By then, long-range by an attacker can construct a full page of the malicious code, to take advantage of that vulnerability. Then, the attacker would lure users to open the page, and then save the infected pages, these pages will then download malicious code to the user's computer, so that an attacker can completely control those affected by the computer system.

Security experts said: "The latest test version of Web browser vulnerabilities, a total of six. Which, Chrome of the loopholes found in the buffer zone is the latest release of one of these loopholes, about half allow remote code execution control. In Chrome Tuesday released shortly after, the experts found a loophole in the Chrome, according to testing, and the vulnerability stems from the Safari 3.1.

However, the experts said that it was expected, Chrome test version of these loopholes, may be the next test browser has been cracked, Google will develop the final version of security worries.

SANS Internet Storm Center John Bambenek said: "Chrome is a new product, though, Chrome has many loopholes and details went out of control, but in this beta is very common, especially in the open-source browser Beta. I think Google is not accurate solution before the official not to disclose any information Chrome, so hackers will not take the opportunity to attack. "

At present, there are many users in the implementation of some operations will generate an error, leading to long-range attacks. Experts point out that all this is because the browser is still in the testing stage and not in a wide range of applications.

0 Comments: