Google Chrome Update to

September 9, 2008

Google has released Chrome version to address multiple vulnerabilities.

The four vulnerabilities are due to the following:

  • 1. a buffer overflow condition in the handling of filenames displayed in the “Save As” dialog
  • 2. a buffer overflow condition in the handling of link targets displayed in the status area when a user hovers over a link
  • 3. an out-of-bounds memory read error when parsing URLs ending with :%
  • 4. a default configuration that allows files to be downloaded to the desktop without prompting the user first

Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

Google has indicated that the fixed version is being applied to all users through automatic updates.

You can also review the Google Chrome Releases Blog for additional information