Chrome Releases
Release updates from the Chrome team
Stable Update: Security Fix
Thursday, April 23, 2009
Edit (24 April):
Removed "Such an attack only works if Chrome is not already running."
Google Chrome's Stable channel has been updated to 1.0.154.59 to fix a security issue:
CVE-2009-1412
ChromeHTML protocol handler same-origin bypass
An error in handling URLs with a chromehtml: protocol could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions.
If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker's choice.
See
http://code.google.com/p/chromium/issues/detail?id=9860
for more details.
Affected versions
: 1.0.154.55 and earlier
Severity
: High. This allows universal cross-site scripting (UXSS) without user interaction under certain conditions.
Credit
: Roi Saltzman (roisa@il.ibm.com) Security Researcher at IBM Rational Application Security Research Group
--Mark Larson
Google Chrome Program Manager
Labels
Admin Console
43
Android WebView
19
Beta
21
Beta update
4
Beta updates
2030
chrome
15
Chrome Dev for Android
133
Chrome for Android
959
Chrome for iOS
385
Chrome for Meetings
5
Chrome OS
1150
Chrome OS Flex
23
Chrome OS Management
12
Chromecast Update
6
ChromeOS
213
ChromeOS Flex
210
Desktop Update
1128
dev update
266
Dev updates
1514
Early Stable Updates
50
Extended Stable updates
133
Flash Player update
5
Flex
1
Hangouts Meet hardware
5
LTS
90
stable
11
Stable updates
1256
Archive
2025
Jan
2024
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.