Google Patches Security Vulnerabilities in Chrome
Google has issued an update for its Chrome browser to address four security issues. Chrome, still in beta, has attracted attention as Google looks to challenge Microsoft Internet Explorer, Mozilla's Firefox and other browsers.Google has updated its Chrome browser to address some of the security vulnerabilities uncovered in the week-old beta. The update patches a buffer overflow vulnerability that exists in the handling of long file names that display in the -SaveAs' dialog. The update also fixes a second buffer overflow vulnerability in the handling link targets displayed in the status area when the user hovers over a link. In its advisory, Google classified both vulnerabilities as critical, stating they could allow hackers to execute code.
The update also fixes an out-of-bounds memory read when parsing URLs ending with :%. According to the advisory, the situation could cause the browser to crash. In addition, the update changes the default Downloads directory if it is set to Desktop to limit the risk of malicious cluttering of the desktop with unwanted downloads.