Google has updated its Chrome browser to address some of the security vulnerabilities uncovered in the week-old beta.
The update patches a buffer overflow vulnerability in the handling of long file names displayed in the 'SaveAs' dialog. The update also fixes a second buffer overflow vulnerability in the handling of link targets displayed in the status area when the user hovers over a link. In its advisory, Google classified both vulnerabilities as critical, stating they could allow hackers to execute code.
The update also fixes an out-of-bounds memory read when parsing URLs ending with :%. According to the advisory, the situation could cause the browser to crash. In addition, if the default Downloads directory is set to Desktop, the update changes it to limit the risk of malicious cluttering of the desktop with unwanted downloads.
Though only in beta, Chrome has generated a significant amount of interest from the security community, and has become a target for anyone looking to test its security chops against rival browsers such as Microsoft Internet Explorer and Apple’s Safari. For example, security researcher Aviv Raff last week demonstrated a proof of concept for an attack taking advantage of a Java bug and Google’s use of an old version of WebKit. Thus far, the issue has not been fixed.