Chrome Releases
Release updates from the Chrome team
Stable Update: Security Fix
Thursday, April 23, 2009
Edit (24 April):
Removed "Such an attack only works if Chrome is not already running."
Google Chrome's Stable channel has been updated to 1.0.154.59 to fix a security issue:
CVE-2009-1412
ChromeHTML protocol handler same-origin bypass
An error in handling URLs with a chromehtml: protocol could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions.
If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker's choice.
See
http://code.google.com/p/chromium/issues/detail?id=9860
for more details.
Affected versions
: 1.0.154.55 and earlier
Severity
: High. This allows universal cross-site scripting (UXSS) without user interaction under certain conditions.
Credit
: Roi Saltzman (roisa@il.ibm.com) Security Researcher at IBM Rational Application Security Research Group
--Mark Larson
Google Chrome Program Manager
Labels
Admin Console
43
Android WebView
19
Beta
12
Beta updates
1054
chrome
1
Chrome Beta for Android
225
Chrome Dev for Android
4
Chrome for Android
126
Chrome for iOS
27
Chrome for Meetings
5
Chrome OS
902
Chrome OS Management
12
Chromecast Update
6
Desktop Update
342
dev update
90
Dev updates
1022
Flash Player update
5
Hangouts Meet hardware
5
Stable updates
630
Archive
2020
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.
