IDG News Service - Google Inc. has plugged a security vulnerability in its Chrome browser that the company considers critical.
The latest Chrome release -- version 2.0.172.33 -- fixes an issue that could let a malicious hacker carry out a buffer overflow attack, Google said Monday in an official blog.
If successful, the attack could allow the hacker to crash the browser and run code on a compromised machine with the privileges of the logged-on user.
To exploit the vulnerability, the hacker would have to involve "a specially crafted response from an HTTP server," according to Google, which didn't go into more specifics in the blog posting.
Google plans to provide more details about the vulnerability once a majority of Chrome users have patched their browsers. Chrome's internal security team discovered the flaw.
This latest version also fixes other bugs, including Chrome crashes when loading some HTTPS sites.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
