The team of Google developers ran out of time and managed to deliver a patch only 24 hours after it was exposed during the CanSecWest conference, which challenges hackers (word used here with good intentions) to detect and expose security flaws for those responsible for software. the issue was a vulnerability in Chrome.
It was the Russian student Sergey Glazunov who discovered the exploit and took care to show the fault to the staff of Google. Once you understand the problem, they rushed to the source code and updated the browser. If you are a fan of Google's browser will probably not notice, but the update is available and probably installed on your computer without even draw your attention to this fact.
On page on the latest releases of Chrome, a Google representative congratulated the student for finding a critical error code CVE-2011-3046. It's about UXSS and browsing history problematic.
Mine is updated. And yours?
Google declined to comment on details about the vulnerability. They are right, since there are still unsuspecting users with browser versions without the patch. The great advantage of Chrome's distribution system is precisely this: the speed with which users get an update. Evil tongues say that a similar patch would take months to be released if found in Internet Explorer. How much evil ...
Besides helping the Internet in general, the Russian also won a nice prize. Pocketed $ 60,000 for a simple bug in Google Chrome. Not bad! Let him continue being paid well to make our navigation more secure.
Google is just one of several sponsors of the CanSecWest (still has Microsoft, Blackberry, Intel, Amazon, Adobe Kaspersky and always present).
It was the Russian student Sergey Glazunov who discovered the exploit and took care to show the fault to the staff of Google. Once you understand the problem, they rushed to the source code and updated the browser. If you are a fan of Google's browser will probably not notice, but the update is available and probably installed on your computer without even draw your attention to this fact.
On page on the latest releases of Chrome, a Google representative congratulated the student for finding a critical error code CVE-2011-3046. It's about UXSS and browsing history problematic.
Mine is updated. And yours?
Google declined to comment on details about the vulnerability. They are right, since there are still unsuspecting users with browser versions without the patch. The great advantage of Chrome's distribution system is precisely this: the speed with which users get an update. Evil tongues say that a similar patch would take months to be released if found in Internet Explorer. How much evil ...
Besides helping the Internet in general, the Russian also won a nice prize. Pocketed $ 60,000 for a simple bug in Google Chrome. Not bad! Let him continue being paid well to make our navigation more secure.
Google is just one of several sponsors of the CanSecWest (still has Microsoft, Blackberry, Intel, Amazon, Adobe Kaspersky and always present).
