Mozilla discovers serious flaw in Google Chrome
By Barry Collins
Posted on 26 Aug 2009 at 16:06
They might now be rivals, but Mozilla has given its colleagues at Google a helping hand by uncovering a serious flaw in the Chrome browser.
The security hole in Chrome's V8 JavaScript engine would have allowed attackers to run arbitrary code within the Chrome browser. Google has now patched the hole, and credited Mozilla's Security team for discovering the flaw on the Chrome Releases blog.
Despite owning competing browsers, Mozilla and Google still foster a close relationship. The vast majority of Mozilla's revenue is derived from a search deal that sees Google appear as the default Firefox homepage and in the browser's search bar.
Google's Chrome team have also fixed another bug in the year-old browser which prevents users from visiting HTTPS sites whose certificates are signed using MD2 or MD4 hashing algorithms. Google claims these algorithms are too weak and could result in people being sent to spoof sites.
Discovery of this flaw was credited to Dam Kaminsky, the man who uncovered the critical DNS flaw that could potentially have brought the entire internet to its knees, before it was fixed by a group of leading security experts last year.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
