Google Chrome: Beautiful and Vulnerable

Sep 3rd, 2008 | By prithpal | Category: Featured Articles



Google Chrome is quickly emerging as many people's favourite web browser. Just hours after Google released the beta of its open source browser, security researcher Aviv Raff discovered a serious security flaw in it, which is explained in detail on Ryan Naraine's blog. According to the disclosure, an attacker can easily trick Chrome users into launching an executable Java file by combining a flaw in WebKit with a known Java bug.

A proof of concept (PoC) has also been released by Aviv Raff, who first discovered the flaw. (Note: the PoC page automatically downloads a Java file onto your desktop, without asking. It is safe to click on that download, as it only opens a notepad-style application written in Java.)

In the PoC, once the user double-clicks the download shown at the bottom of the window, the application opens without any warning. The same two steps, an unprompted download followed by a launch with no warning, would let an attacker run an arbitrary Java program on the user's machine.

About Google Chrome:

The name Google Chrome is derived from the graphical user interface frame, or "chrome", of a web browser. The open source project behind Google Chrome is known as Chromium.

Google Chrome was originally scheduled for release on 3 September 2008. A comic by Scott McCloud explaining the features and motivations of the new browser was to be sent to journalists and bloggers; copies intended for Europe were shipped early, and a German blogger posted a scanned copy on his website after receiving it on 1 September 2008. Google subsequently made the comic available on Google Books and on its own site, and referenced it on its official blog along with an explanation for the early release.

Built-in Security Features of Google Chrome

Blacklists
Chrome periodically downloads updates to two blacklists, one of phishing sites and one of malware sites, and warns users who attempt to visit a listed site. The same data is available to others through a free public API, the Google Safe Browsing API. While maintaining these lists, Google also notifies the owners of listed sites, who may be unaware that their site is hosting harmful software. Note that a blacklist only protects against sites already known to Google; a freshly registered attack domain is not on it.
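To show what a local blacklist check of this kind involves, here is an added example (not Google's code, and not its exact wire format). It assumes, as a simplification, that the client holds 4-byte SHA-256 prefixes of canonicalised "host/path" expressions, generates the host-suffix and path-prefix expressions for a URL, and treats a prefix hit only as a candidate that must be confirmed against the full hash before the user is warned. The list contents, the site names and the confirmation step are constructed for the example.

```python
"""Local blacklist lookup in the style of a Safe Browsing client (added
example; the prefix length, hash and expression rules are assumptions)."""
import hashlib
from urllib.parse import urlsplit, unquote

PREFIX_LEN = 4  # assumed prefix length


def canonicalize(url):
    """Return (host, path): scheme and fragment dropped, host lower-cased
    and stripped of trailing dots, path percent-decoded once with '.' and
    '..' segments collapsed, query string kept."""
    url = url.strip()
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").strip(".")
    segments = []
    for seg in unquote(parts.path or "/").split("/"):
        if seg == "..":
            if segments:
                segments.pop()
        elif seg != ".":
            segments.append(seg)
    path = "/".join(segments)
    if not path.startswith("/"):
        path = "/" + path
    if parts.query:
        path += "?" + parts.query
    return host, path


def host_suffixes(host):
    """The exact host plus up to four parent domains (never the bare TLD);
    an IPv4 literal yields only itself."""
    labels = host.split(".")
    if all(label.isdigit() for label in labels):
        return [host]
    out = [host]
    for i in range(1, len(labels) - 1):
        if len(out) == 5:
            break
        out.append(".".join(labels[i:]))
    return out


def path_prefixes(path):
    """The exact path (with query), the path without query, '/', and up to
    four leading directory prefixes."""
    out = [path]
    base = path.split("?", 1)[0]
    if base != path:
        out.append(base)
    acc = "/"
    candidates = [acc]
    for directory in base.split("/")[1:-1][:4]:
        acc += directory + "/"
        candidates.append(acc)
    for c in candidates:
        if c not in out:
            out.append(c)
    return out


def url_expressions(url):
    host, path = canonicalize(url)
    return [h + p for h in host_suffixes(host) for p in path_prefixes(path)]


def full_hash(expression):
    return hashlib.sha256(expression.encode("utf-8")).digest()


class LocalBlacklist:
    """One downloaded list: its name plus the hash prefixes it contains."""

    def __init__(self, name, expressions):
        self.name = name
        self.prefixes = {full_hash(e)[:PREFIX_LEN] for e in expressions}
        # Constructed stand-in for the server-side full-hash confirmation.
        self._full_hashes = {full_hash(e) for e in expressions}

    def candidates(self, url):
        """Full hashes of the URL's expressions whose prefix is on the list."""
        return [h for h in map(full_hash, url_expressions(url))
                if h[:PREFIX_LEN] in self.prefixes]

    def confirm(self, candidate):
        return candidate in self._full_hashes


def check_url(url, blacklists):
    """Names of the lists that flag the URL. A prefix match alone never
    warns: 4-byte prefixes collide, so each candidate is confirmed first."""
    return [bl.name for bl in blacklists
            if any(bl.confirm(h) for h in bl.candidates(url))]


def collision_demo():
    """A colliding prefix whose full hash is not confirmed must not warn."""
    bl = LocalBlacklist("malware", ["evil.example.com/"])
    bl.prefixes.add(full_hash("example.com/")[:PREFIX_LEN])  # prefix only
    return check_url("http://example.com/", [bl])


# Constructed sample lists (not real sites).
LISTS = [LocalBlacklist("malware", ["evil.example.com/"]),
         LocalBlacklist("phishing", ["login.example.net/secure/"])]

if __name__ == "__main__":
    for u in ["http://EVIL.example.com./downloads/../drop.exe",
              "http://login.example.net/secure/index.php?id=1",
              "http://example.com/"]:
        print(u, "->", check_url(u, LISTS) or "clean")
```

The point of hashing prefixes rather than shipping the URL list is that the browser can answer "is this site listed?" locally without sending every visited URL to Google; the confirmation step is what stops a chance prefix collision from turning into a false warning.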

Sandboxing
Each tab in Chrome runs in a sandboxed process, to "prevent malware from installing itself" or "using what happens in one tab to affect what happens in another". Following the principle of least privilege, each renderer process is stripped of its rights: it can compute, but it cannot write files or read from sensitive areas such as the user's documents or desktop. This is similar to the "Protected Mode" used by Internet Explorer 7 on Windows Vista. The Sandbox Team is said to have "taken this existing process boundary and made it into a jail"; for example, malicious code running in one tab cannot sniff credit card numbers entered in another, interact with the mouse, or tell "Windows to run an executable on start-up", and it is terminated when the tab is closed. The result is a simple two-level security model, the user's privileges and the sandbox's, in which the sandbox can only respond to requests initiated on the user's side. Two caveats: the sandbox limits what a compromised renderer can do, it does not stop the renderer from being compromised; and it does nothing for a file the browser has saved to disk and the user then launches by hand, which is exactly the path the Java PoC above takes.
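To make the renderer/broker split concrete, here is an added example that is not Chrome's sandbox (Chrome uses OS-specific mechanisms such as restricted tokens on Windows). It builds the same shape with POSIX resource limits on Linux or macOS: a forked "renderer" child can compute and use the pipes it was born with, but it cannot open, create or write files, so every file access has to go through the parent "broker", which enforces an allowed-directory policy. The function names, the policy and the sample files are all constructed for the example.

```python
"""Broker/renderer split illustrating least-privilege sandboxing (added
example; POSIX rlimits stand in for Chrome's real, OS-specific sandbox)."""
import json
import os
import resource
import tempfile


def drop_rights():
    """Strip the current process of file access. RLIMIT_NOFILE=0 means no
    new descriptor can be created, so every open() fails; RLIMIT_FSIZE=0
    means any write to a regular file fails. Already-open pipes keep working."""
    resource.setrlimit(resource.RLIMIT_NOFILE, (0, 0))
    resource.setrlimit(resource.RLIMIT_FSIZE, (0, 0))


def renderer(req_w, resp_r, path):
    """Sandboxed side: try the file directly, then ask the broker for it."""
    drop_rights()
    result = {}
    try:
        with open(path) as f:
            result["direct"] = "allowed: " + f.read()
    except OSError as e:
        result["direct"] = "denied: " + os.strerror(e.errno)
    os.write(req_w, json.dumps({"op": "read", "path": path}).encode())
    result["via_broker"] = json.loads(os.read(resp_r, 65536))
    return result


def broker(req_r, resp_w, allowed_dir):
    """Privileged side: serve one request, but only inside allowed_dir.
    realpath() runs before the prefix check so a symlink planted inside
    allowed_dir cannot point the broker at a file outside it."""
    req = json.loads(os.read(req_r, 65536))
    root = os.path.realpath(allowed_dir) + os.sep
    target = os.path.realpath(req["path"])
    if req.get("op") == "read" and target.startswith(root):
        with open(target) as f:
            reply = {"ok": True, "data": f.read()}
    else:
        reply = {"ok": False, "error": "policy: path outside allowed directory"}
    os.write(resp_w, json.dumps(reply).encode())


def run_sandboxed_read(path, allowed_dir):
    """Fork a sandboxed renderer that wants `path`; return what it observed."""
    req_r, req_w = os.pipe()
    resp_r, resp_w = os.pipe()
    out_r, out_w = os.pipe()
    pid = os.fork()
    if pid == 0:  # child: becomes the renderer
        for fd in (req_r, resp_w, out_r):
            os.close(fd)
        result = renderer(req_w, resp_r, path)
        os.write(out_w, json.dumps(result).encode())
        os._exit(0)  # skip interpreter teardown; nothing else to flush
    for fd in (req_w, resp_r, out_w):
        os.close(fd)
    broker(req_r, resp_w, allowed_dir)
    result = json.loads(os.read(out_r, 65536))
    os.waitpid(pid, 0)
    for fd in (req_r, resp_w, out_r):
        os.close(fd)
    return result


def demo():
    """Constructed scenario: one file the renderer may read, one it may not."""
    allowed = tempfile.mkdtemp()
    secret_dir = tempfile.mkdtemp()
    page = os.path.join(allowed, "page.html")
    secret = os.path.join(secret_dir, "documents.txt")
    with open(page, "w") as f:
        f.write("<h1>hello</h1>")
    with open(secret, "w") as f:
        f.write("credit card 4111...")
    return {"page": run_sandboxed_read(page, allowed),
            "secret": run_sandboxed_read(secret, allowed)}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run as a script, the renderer's own open() is denied in both cases; the broker hands back page.html because it lies inside the allowed directory and refuses documents.txt because it does not. The broker is the only place policy lives, which is why a bug in it, not in the renderer, is what a real sandbox escape needs.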

Plugins
Plugins such as Adobe Flash Player are typically not standardised and so cannot be sandboxed in the same way as tabs; they often need to run at or above the privilege level of the browser itself. To reduce exposure, plugins run in separate processes that communicate with the renderer, which itself runs at "very low privileges" in dedicated per-tab processes. Plugins will need to be modified to operate within this architecture while following the principle of least privilege. Until they are, a plugin process is the weak point of the design: an exploit against it yields the browser's privileges rather than the sandbox's.

