Skip to main content

Spotlight thrown on Google chrome security flaw

Google Chrome: be careful!
Google Chrome: be careful!

Google's new browser, Chrome, might only be in the beta stage, but that hasn't stopped the hacker community searching it for every possible flaw.

And security researcher Aviv Raff has managed to find a flaw in the system that could allow malicious users to automatically download a file.

A Java JAR file is highlighted when needed for download by fully-working browsers, such as Firefox. But with the version of the WebKit Google used to develop Chrome does not include such a prompt.

Clever hackers

This means clever hackers could use this to launch an attack through Java if users don't know what JAR file they're downloading.

Browsers such as Safari use a newer version of the WebKit and aren't vulnerable to such a flaw...but then Google would just say this is what a beta version is for!

But the main point: remember the new Google Chrome isn't finished, so be ready for the consequences if you download it.