What's Been Fixed In Google's Chrome?
Google has patched its Chrome browser last week, but it took until Monday to post the actual tweaks and fixes.
September 9, 2008
- a buffer overflow vulnerability in handling long filenames that display in the Save As... dialog. This is a critical risk that could lead to execution of arbitrary code.- a buffer overflow vulnerability in handling link targets displayed in the status area when the user hovers over a link. This is a critical risk that could lead to execution of arbitrary code.
The Friday update also includes fixes for several other bugs, rated less important by Google:
- an out-of-bounds memory read when parsing URLs ending with :%. This is a low risk that can be used to crash the entire browser, possibly causing loss of data in the current session.
- ensure that Desktop cannot be the default downloads directory, thus eliminating the risk of malicious cluttering of the desktop with unwanted downloads, which can lead to executing unwanted files.
- a couple of data transfer issues with the Safe Browsing service causing unnecessary traffic.
More details on the update can be found here.