Security world makes short work of Chrome

By Shaun Nichols
4 September 2008 01:50PM

Less than two days into its public life, Google's Chrome browser is being put under the microscope by security researchers.

Two flaws in the web browser have already been discovered and publicly disclosed by researchers. Ramifications of an attack could range from an application crash to remote malware installation.

The first vulnerability was found on Wednesday by researcher Aviv Raff, who discovered that the browser was open to a highly-publicized 'carpet bombing' attack first found in Safari.

Apple patched the flaw in Safari earlier this year. However, because Chrome uses Apple's WebKit software, the flaw has reappeared in the Google browser.

Raff posted a proof of concept page which demonstrates how an attacker could embed malicious code on a web page and then use it to conduct a remote malware installation with a separate specially-crafted Java applet.

Shortly after Raff's discovery was posted, another researcher came forward with a separate flaw in the browser.

Researchers Rishi Narang and Jan de Mooij posted separate reports of a vulnerability in the browser's chromium.dll component that was exposed through the browser's URL bar. The flaw could be targeted to cause an application crash, though neither report mentioned the possibility of remote code execution.

Chrome is not the first browser to be picked apart by the security community so soon. Researchers made similarly short work out of Mozilla's Firefox 3 when that browser was released earlier this summer.

Copyright © 2008 vnunet.com

   


Comments: 1
It's great that Google have recognised that security needs to be an important consideration with browsers. It's a shame that this beta of Chrome shows that they haven't been thorough enough about it to fix known security problems with the toolkits they've built Chrome on. But it's a beta version and no doubt these issues will be addressed with the release version. (But then again, some Google products seem to remain as beta versions forever!)

It's also great that Google is acknowledging the need to keep ahead of the bad guys and their rapidly evolving ways of using exploits, social engineering and other web-borne threats to harm users. The inclusion of the malware and phishing blacklists in Google Chrome is a step in the right direction. Google state that the software checks a URL against their blacklist databases of web pages/sites that are known to have delivered malware and phishing attacks in the past.

Of course, that approach is mostly too slow to protect against transient threats, and most online threats today are highly transient. The bad guys register and invoke domains, or put their exploit payloads onto legitimate web sites they've been able to poison, for just the few days they'll be able to fly under the radar and not make it onto blacklists. The bad guys either shut the exploit down before making it onto the blacklists, or very soon after. So often these days, the threat is gone before it can be recorded into the blacklists. Worse, at least for the operators of legitimate sites that have been compromised, when the threats are detected and the sites added to the blacklists, the sites show up as infected even after the threats are gone.

AVG believes the best approach is real-time scanning that inspects each web page for exploits right when the user clicks on the link to visit it. That's the approach the AVG LinkScanner technology uses. This real-time scanning functionality is more effective against transient threats. The safe surf AVG LinkScanner Active Surf-Shield module in all paid AVG products does real-time scanning to detect infected and potentially-infected content as you browse the web. This real-time approach delivers the maximum protection simply not able to be provided by blacklists.

Best Regards, Lloyd Borrett
Marketing Manager, AVG (AU/NZ)
www.avg.com.au

Posted by Lloyd Borrett, Sep 5, 2008 11:55 AM