Google fixes 'critical' security hole in Chrome

A malicious hacker could exploit the vulnerability to run code on a compromised machine

Google has plugged a security vulnerability in its Chrome browser that the company considers critical.

The latest Chrome release -- version 2.0.172.33 -- fixes an issue that could let a malicious hacker carry out a buffer overflow attack, Google said Monday in an official blog.

If successful, the attack could allow the hacker to crash the browser and run code on a compromised machine with the privileges of the logged-on user.

To exploit the vulnerability, the hacker would have to involve "a specially crafted response from an HTTP server," according to Google, which didn't go into more specifics in the blog posting.

Google plans to provide more details about the vulnerability once a majority of Chrome users have patched their browsers. Chrome's internal security team discovered the flaw.

This latest version also fixes other bugs, including Chrome crashes when loading some HTTPS sites.

Join the newsletter!

Error: Please check your email address.

Tags exploits and vulnerabilitiesGoogleGoogle Chrome

More about Google

Show Comments

Market Place

[]