According to an Israeli Researcher, Google Chrome is vulnerable to a months-old vulnerability…
As detailed in Computerworld, the Google Chrome used an older version of WebKIT which holds the “Carpet Bomb” vulnerability…
And because they used a pre-patch version of WebKIT which Carpet Bomb slipped even in a later version of WebKIT…
This bug was also found in Safari and patched with Safari 3.1.2 (Oh did anyone mention that Mac is virus-free? Well guess things started to get nasty… Brace yourself Mac users because the poopism is just coming to get ya sooner or later =P)
The bug basically takes advantage of the fact that JAVA doesn’t show any warning or notice that JAR file is being installed… So it’s a mixture of JAVA and other stuff…
Too much to talk about and I might confuse “eLeeT” as always… so Click here to follow the Computerworld article… (Yes… I like using “” specially for that guy… I love annoying him =P)
very big difference between a programming bug and a virus.
[knowing you this comment will never see the light of day]
*** NOTE FROM LOOLYKINNS:
Sorry, I had to fix the brackets… A programmer habit… And I’m abit picky about’em =P
i never deleted a comment unless its a spam-related… though i’m not sure you know me well…
however, this might be a bug that left mac vulnerable for a while which someone could’ve wrote a malware to take advantage of that vulnerability (malware is a definition which means virus, trojan, backdoor, rootkit or anything similar)…
then again, i’m not really talkin’ about mac here… i’m talkin’ about google’s chrome… which, as the researcher stated, is vulnerable to an old bug that hit safari some time ago… but not anymore… got patched… well not for this bug atleast…
what i meant by “mac is virus-free” is that its a false statement since people could write malwares under such OS to take advantage of the undiscovered vulnerabilities… like the PWN2OWN thingy i mentioned long ago and the DNS vulnerability that got patched and still vulnerable…
umm….geekdude im confused >.< i understood absolutely nothing would u please please please explain this too me in plain english… PLEASE *blinks*
go read the link provided to know more… if you dont understand that as well, then you’re just dumb =P
*sniff sniff * but but i am not dumb ! im checking the link and replying u judgemental person XP
ooo i understands but still i say chrome is a cool new peak to the future of web browsers 😛
erm …… the vulnerability that was described by Nitesh Dhanjani refers to the fact that webkit allowed for execution of JAR files without any conformation by the user, this isn’t a very big deal, seeing as most java VMs and interpreters will ask you to confirm before running the app.
The programming bug that you refer to is actually platform independent and will work in the same way on any webkit based browser including the current symbian browsers and the ps3 browser, (provided you have a java virtual machine or interpreter installed). Incidentally webkit was never an apple product to begin with; it started off as part of KDE.
i know its platform independant… its java >_<; dude\dudette... its another proof that mac is (as well as any operating system) vulnerable... thats my whole point of the mac users bashing... but then again... this post is discussing the google chrome thingy... not mac thingy >_<