Google Chrome vulnerable to carpet-bombing flaw
Googles shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks.
Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities a flaw in Apple Safari (WebKit) and a Java bug discussed at this years Black Hat conference to trick users into launching executables direct from the new browser.
Raff has cooked up a harmless demo of the attack in action, showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.
Read the whole story here.