Firefox and Chrome may be rivals in the browser wars, but it hasn't stopped Mozilla from giving Google's security a bit of help.
Google has released a patch for flaws in its Chrome browser, with rival browser company Mozilla given credit for uncovering one of the issues.
Mozilla Security found a flaw in Chrome’s V8 Javascript engine that allowed specially created Javascript to read unauthorised memory and bypass security checks.
In the latest post from the Google Chrome blog, the company explained that this could have let attackers access unauthorised data or run malicious code on a user’s machine.
Another fix made sure that Google Chrome no longer connected to encrypted HTTPS (SSL) sites that were signed using MD2 or MD4 hashing algorithms, which were considered ‘weak’. If the connections continued, attackers could have forged certificates.
The last issues to be fixed a flaw related to XML, which could have caused a Google Chrome tab process to crash, letting an attacker run malicious code.
Reply With Quote
Bookmarks