CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 20th, 2009

Microsoft Discovers Flaw In Google Plug-in For Internet Explorer

Microsoft has helped discover a flaw in the Google Chome Frame plug-in for Internet Explorer users.

The plug-in allows suitably coded web pages to be displayed in Internet Explorer using the Google Chrome rendering engine. Redmond warned that the plug-in made IE less secure as soon as it became available back in September, an argument bolstered by the discovery of a cross-origin bypass flaw in the add-in

Successfully exploiting the flaw creates a means for hackers to bypass security controls though not to go all the way and drop malware onto vulnerable systems.

Microsoft and security researcher Lostmon are jointly credited with discovering the vulnerability in Google’s browser add-on.

Google acknowledged the flaw and urged users to update to version 4.0.245.1 of Google Chrome Frame. All users should be updated automatically to the latest version of the software, which also tackles a number of performance and stability glitches. Chief among these are problems handling iFrames, as explained in Google’s security advisory at http://googlechromereleases.blogspot.com/2009/11/google-chrome-frame-update-bug-fixes.html

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Computers With Internet Explorer And Google Chrome Installed Are At Risk
  • Cross-Domain Vulnerability In Microsoft Internet Explorer 6
  • Microsoft Internet Explorer Script Injection Vulnerability
  • Major Internet Explorer 8 Flaw Makes ‘Safe’ Sites Unsafe
  • Internet Explorer 7 Zero-day Vulnerability Expands To Versions 5.01, 6, And 8

    • Posted in Google, Microsoft, Software, Vulnerabilities, Windows | Print This Post Print This Post

    This entry was posted on Friday, November 20th, 2009 at 9:54 pm and is filed under Google, Microsoft, Software, Vulnerabilities, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Microsoft Discovers Flaw In Google Plug-in For Internet Explorer

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »