Since the Chrome topic is getting big, I thought I would post this to the side.
Google Chrome Vulnerable To Carpet Bomb Flaw
So much for Security coming from Google. Chrome has out in the wild for 24 hours now and all the security risks are now starting to come to light.
Issue #1
A malicious hacker could entice users into downloading onto their Windows desktop a specially-crafted java archive file, typically with a social engineering ploy. Once a user opened a malicious link or visited a harmful Website, malware would then be installed on the user's PC, which would get executed without warning.
In actuality, Google Chrome uses Apple's WebKit 525.13, or Safari 3.1, which is outdated and proven to be susceptible to numerous exploits, including a Safari carpet bombing error. While Apple patched the flaw in Safari 3.1, the underlying software remains vulnerable.
Issue #2
An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27," Narang explains on the Evil Fingers Web site. "A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the Chrome crashes with a Google Chrome message window 'Whoa! Google Chrome has crashed. Restart now?'"
Full Version: Chrome And Security
It's new, of course it's going to be susceptible to some things. When it gets to version 1 it should have a lot of bugs ironed out. 
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.