Chrome Releases
Release updates from the Chrome team
Stable Update: Security Fix
Thursday, April 23, 2009
Edit (24 April):
Removed "Such an attack only works if Chrome is not already running."
Google Chrome's Stable channel has been updated to 1.0.154.59 to fix a security issue:
CVE-2009-1412
ChromeHTML protocol handler same-origin bypass
An error in handling URLs with a chromehtml: protocol could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions.
If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker's choice.
See
http://code.google.com/p/chromium/issues/detail?id=9860
for more details.
Affected versions
: 1.0.154.55 and earlier
Severity
: High. This allows universal cross-site scripting (UXSS) without user interaction under certain conditions.
Credit
: Roi Saltzman (roisa@il.ibm.com) Security Researcher at IBM Rational Application Security Research Group
--Mark Larson
Google Chrome Program Manager
Labels
Admin Console
43
Android WebView
19
Beta
21
Beta update
4
Beta updates
2011
chrome
15
Chrome Dev for Android
127
Chrome for Android
940
Chrome for iOS
371
Chrome for Meetings
5
Chrome OS
1149
Chrome OS Flex
22
Chrome OS Management
12
Chromecast Update
6
ChromeOS
207
ChromeOS Flex
204
Desktop Update
1102
dev update
266
Dev updates
1502
Early Stable Updates
49
Extended Stable updates
126
Flash Player update
5
Flex
1
Hangouts Meet hardware
5
LTS
87
stable
11
Stable updates
1231
Archive
2024
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2023
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2022
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2021
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2020
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2019
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2018
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2017
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Give us feedback in our
Product Forums
.