Critical Vulnerability in Google Chrome Browser

Frands · September 06, 2008, 05:30:55 PM

A critical Buffer Overflow Vulnerability is found in the new Google Chrome browser. :

QuoteGoogle Chrome Stack Overflow in Title Tag When Saving Files Lets Remote Users Execute Arbitrary Code

http://www.securitytracker.com/alerts/2008/Sep/1020823.html

also there is this article about this issue: http://www.comon.dk/news/advarsel.mod.google.chrome_37561.html :

Google translation:

QuoteAre you one of the many who downloaded Google's new browser, you may have done your PC accessible to malicious people. Build 0.2.149.28, which until yesterday was the latest version, contains a critical vulnerability that makes the computer "perfect for classic drive-by attack."

Google has confirmed the vulnerability and released an update of the browser.

But the scenario does not stop there.:

The Danish IT security company CSIS has tested Chrome carefully and says now that Google browser contains a functionality, which almost has the character of a rootkit.

"At CSIS, we have tested Chrome and can confirm that it call home, even without the browser is activated. Chrome makes use of a beautiful userland API hooking to limit the functionality. A sandbox if you like, but most of all recalls rootkit functionality, "writes CSIS in a message.

the vulnerability, which makes the browser vulnerable to takeover, is documented in a so-called Proof of Concept, which identifies how it is possible from a hostile Web page to run code on the system without user and with the same rights as the logged on user.

"Such a scenario is perfect in relation to classic drive-by attack," writes CSIS.

The vulnerability exists after it reported only in the build 0.2.149.28 of Chrome. In technical terms there is a Stack Overflow in the title bar in connection with the "save the file as".

"Beta software should not be installed or tested in production or in enterprises. We do not recommend the use of Chrome browser until it is in a more stable version, "says the report from CSIS.

Lena · September 06, 2008, 07:15:21 PM

"Google has confirmed the vulnerability and released an update of the browser."

version 0.2.149.29 is now available.

Frands · September 06, 2008, 07:48:51 PM

Quote"Google has confirmed the vulnerability and released an update of the browser."

version 0.2.149.29 is now available.

Let's hope it will make it better. But until Google make their beta version of Chrome more stable, I think I'll keep my fingers away from it, and keep on using IE and Firefox ;)

Lena · September 06, 2008, 08:09:52 PM

Gmail is still in beta. Don't hold your breath waiting for Chrome to come out of beta. :laughing:

Frands · September 06, 2008, 08:51:46 PM

@Lena
Yep, I know that Chrome is still in beta and if I know Google right, it will take a while before Chrome is out of beta :laughing: . Well, I really do like some of Googles products, but right now I find Google's new browser Chrome a bit unnecessary and not that safe. It will be interesting to follow the Google Chrome issue over the next months :breakkie:

Corrine · September 06, 2008, 08:58:10 PM

Quote from: Lena on September 06, 2008, 07:15:21 PM
"Google has confirmed the vulnerability and released an update of the browser."

version 0.2.149.29 is now available.

Where did you find that announcement? I'm curious about which vulnerability(ies) was/were addressed.

Lena · September 07, 2008, 01:18:04 AM

Quote from: Corrine on September 06, 2008, 08:58:10 PM
Quote from: Lena on September 06, 2008, 07:15:21 PM
"Google has confirmed the vulnerability and released an update of the browser."

version 0.2.149.29 is now available.
Where did you find that announcement? I'm curious about which vulnerability(ies) was/were addressed.

stealthzone's original article was regarding version 0.2.149.28 and it said the Google addressed that problem with a new version. I went to the "about Chrome" menu and clicked on 'check for updates' and version 0.2.149.29 was installed. (No re-booting necessary, just quit Chrome and start it again).

Frands · September 07, 2008, 12:03:32 PM

I think the google people have good intentions when they make a product like the Chrome browser, but as it is at moment, I guess it's better running it on a test machine instead of the pc which is used for the daily work. What makes me a bit angry is that the Google Chrome browser from the very beginning came out with an eula which was not acceptable but was fixed after a storm of protests from users from allover the globe. Another thing is that it is not understandable why Google need all them infos about what kind of sites you and me goes to, and furthermore what we are doing at our computers. It is not what is needed. What we need is a good and safe browser with some acceptable privacy politics if new browsers are needed. It is not enough with a nice interface and alot of new kind of features....it also need to be safe also if it is a beta version. Instead of coming out with this new browser short after Microsoft annouced IE 8, Google should have made their new browser more stable and safe despite it is in beta. After reading the stuff at the sites Corrina have posted links to here in forum over the last past days, something tells me that it is a good idea to stay with the good ol' Internet Explorer, Firefox and/or the browser Opera, and stay away from betas :2cents:

Corrine · September 07, 2008, 12:19:53 PM

Bold added to Google translation from above.

QuoteBut the scenario does not stop there.:

The Danish IT security company CSIS has tested Chrome carefully and says now that Google browser contains a functionality, which almost has the character of a rootkit.

Still beta anyway. I expect that there will be a lot of updates and it may, as you suggested, remain beta like gmail. :)

@stealthzone -- the privacy features you referred to appear to be covered quite nicely in IE8 Beta 2.

Lena · September 08, 2008, 07:01:25 PM

Chrome gets a security patch:

http://www.itworld.com/security/54745/goog...-security-patch

Chrome users are advised to upgrade to the latest version. To do that, go to the wrench icon in the upper right hand corner of the browser and down to "About Google Chrome." The browser will then check for an update. If there is one, Chrome will download it and ask to restart. The up-to-date version is 0.2.149.29.

Frands · September 09, 2008, 02:20:09 PM

FYI

I guess the browserwar has started :breakkie: :

QuoteGoogle Chrome Receives Heavy Chritism in Germany:

It doesn't get any more "official" than this here. Yesterday, Saturday at around 20:07 (8:07 pm), Germany's oldest and perhaps biggest prime time news Tagesschau announced the following under the headline "Warning against internet browser"*:

"The Federal Office for Information Security warned internet users of the new browser Chrome. The application by the company Google should not be used for surfing the internet, as a spokesperson for the office told the Berliner Zeitung. It was said to be problematic that Chrome was distributed as an unfinished advance version. Furthermore it was said to be risky that user data is hoarded with a single vendor. With its search engine, email program and the new browser, Google now covers all important areas on the internet."

http://blogoscoped.com/archive/2008-09-07-n33.html