Google is out with an incremental update to its stable and beta releases of the Chrome browser to version 184.108.40.206. The key fix is a very interesting cross browser attack vector that previously plagued Firefox and Microsoft’s Internet Explorer.
According to Google’s release notes:
As far as I can tell this is the same issue that Mozilla dealt with back in July of 2007. The CVE advisory on the original issue notes:
Argument injection vulnerability in Microsoft Internet Explorer, when
running on systems with Firefox installed and certain URIs registered,
allows remote attackers to conduct cross-browser scripting attacks and
execute arbitrary commands.
So then – this is an issue that has been known in other browsers for 18+ months but now has been plugged in the newbie Google Chrome. Go figure.
I suspect that other issues like this will pop up in Chrome. That is, other older issues that have been solved by other browsers but have not yet been identified in Chrome, but will be. It’s just a matter of time.