Tuesday, December 2, 2008

Google Chrome Releases:Beta release:

Google Chrome has been released and all users will get automatically updated over the next 48 hours.

This release upgrades Gears to to address a security issue with Gears and earlier versions:

Gears Cross-Origin Worker Vulnerability
CVE: CVE-2008-5258
A vulnerability in Gears could allow an attacker to run code in the context of a site that serves user-controlled files. To exploit this, an attacker needs to upload a malicious file to the victim's site and convince the user to allow the attacker's site to use Gears.

Severity: High. Even though this requires convincing users to allow a third-party site to use Gears, it could allow data theft and cross-site scripting on sites hosting user-created content, even those that do not use Gears.
Credit: Thanks to Yair Amit, Senior Security Researcher, IBM Rational Application Security Research Team for responsibly reporting the issue to Google.

This release also contains a fix to stop crashes while dragging tabs on computers running Windows Vista.

[NFGB] Link - from Google Chrome Releases
Related From Google Blogs:
Getting Answers -- Fast
Seminars for Success, Now for Website Optimizer
Display ad builder best practices
Online Machine Learning Testing == Extreme Testing

No comments: