Friday, September 05, 2008

Google Chrome Fights Security Flaws, Updates TOS

Since Google's official release of Google Chrome on Tuesday, the security flaws have been piling up, the latest being a "SaveAs" critical buffer-overflow vulnerability that could allow a hacker to perform a remote attack and take control of a user's PC.

Vietnamese security company Bach Khoa Internet Security (BKIS) has posted details of a new flaw in Google Chrome that the company says is a critical buffer-overflow vulnerability that could allow a hacker to perform a remote attack and take complete control of the affected system.

"The vulnerability is caused due to a boundary error when handling the 'SaveAs' function," BKIS explains on its Web site. "On saving a malicious page with an overly long title (title tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users' systems."

To successfully exploit this vulnerability, an attacker would have to convince someone to visit a malicious page and then attempt to save the page.
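The class of bug BKIS describes, an unchecked copy of a page title into a fixed-size buffer, is shown here beside a bounded version. This is an added example, not Chrome's code: the function names, the `.htm` extension and the buffer size are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF_LEN 64   /* assumed buffer size, for illustration only */

/* Unsafe pattern: copies the title with no length check, so a title
 * longer than the caller's buffer writes past the end of that buffer. */
void suggest_name_unsafe(char *out, const char *title) {
    strcpy(out, title);
    strcat(out, ".htm");
}

/* Bounded version: truncates the title so that title + ".htm" + NUL
 * always fits in out_size, and replaces characters that are invalid in
 * file names. Returns 0 on success, -1 if the arguments are unusable. */
int suggest_name_safe(char *out, size_t out_size, const char *title) {
    static const char ext[] = ".htm";
    size_t ext_len = sizeof(ext) - 1;
    if (out == NULL || title == NULL || out_size < ext_len + 2)
        return -1;
    size_t room = out_size - ext_len - 1;   /* bytes left for the title */
    size_t n = strlen(title);
    if (n > room)
        n = room;                           /* truncate, never overflow */
    for (size_t i = 0; i < n; i++) {
        char c = title[i];
        out[i] = (strchr("\\/:*?\"<>|", c) || (unsigned char)c < 0x20) ? '_' : c;
    }
    memcpy(out + n, ext, ext_len + 1);      /* copies ".htm" and its NUL */
    return 0;
}

int main(void) {
    char name[NAME_BUF_LEN];
    char long_title[4096];                  /* constructed oversized title */
    memset(long_title, 'A', sizeof(long_title) - 1);
    long_title[sizeof(long_title) - 1] = '\0';
    if (suggest_name_safe(name, sizeof(name), long_title) == 0)
        printf("%zu bytes: %s\n", strlen(name), name);
    return 0;
}
```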

This is the third extremely high-risk security flaw found in the new browser. Earlier this week, security researcher Aviv Raff found that a flaw in the open source WebKit engine could be combined with a Java bug to install malware on Chrome users' desktops.

And another security researcher, Rishi Narang, reported a way to crash Chrome with a malicious link. Proof-of-concept code has been posted.

At, a repository for security exploit code, two other Chrome exploits have been published. Someone identified as "Nerex" has posted proof-of-concept JavaScript code that supposedly "allows files (e.g., executables) to be automatically downloaded to the user's computer without any user prompt." (This may be related to the vulnerability that Raff found.) And someone identified as "WHK" has published code that supposedly will crash Chrome.

Google has also announced an update to Google Chrome's Terms of Service.

After several users expressed concerns that Section 11 of Google Chrome's terms of service could potentially give Google rights to any user-generated content "submitted, posted or displayed on or through" the browser, Google graciously removed that part of the wording from the TOS.

You'll notice if you look at our other products that many of them are governed by Section 11 of our Universal Terms of Service. This section is included because, under copyright law, Google needs what's called a "license" to display or transmit content. So to show a blog, we ask the user to give us a license to the blog's content. (The same goes for any other service where users can create content.) But in all these cases, the license is limited to providing the service. In Gmail, for example, the terms specifically disclaim our ownership right to Gmail content.

So for Google Chrome, only the first sentence of Section 11 should have applied. We're sorry we overlooked this, but we've fixed it now, and you can read the updated Google Chrome terms of service. If you're into the fine print, here's the revised text of Section 11:

11. Content license from you
11.1 You retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services.

And that's all. Period. End of section.

It might have been a minor oversight, but the language led to many major concerns. It's great to see that Google listened to the concerns of its users.