Browser Wars – Security Alert from Microsoft concerning two Chrome flaws

It appear Microsoft is fighting back by not only patching its browser flaws but is also taking the step of researching and pointing out flaws in its competitor’s browsers.

Microsoft’s Vulnerability Research program announced its concern with two exploits in Google’s Chrome internet browser. The two bugs Microsoft discovered have since been reportedly fixed. According to Google, users only need to make sure their browsers are up to date. The specific issues are code-named MSVR11-001 and MSVR11-002. These bugs are known for the following reasons:

MSVR11-001 could allow remote code to be executed through the sandboxing of Chrome.

”A sandboxed remote code execution vulnerability exists in the way that Google Chrome attempts to reference memory that has been freed. An attacker could exploit the vulnerability to cause the browser to become unresponsive and/or exit unexpectedly, allowing an attacker to run arbitrary code within the Google Chrome Sandbox. The Google Chrome Sandbox is read and write isolated from the local file system which limits an attacker.”

MSVR11-002 is an issue with older versions of Google Chrome, and older versions of Opera. Specifically, the two browsers that marked the end of the issue were Chrome 8.0.552.210, and Opera 10.62. This bug relates to the manner in which the two browsers handle HTML5; they deal with the code in a manner that could ‘allow information disclosure’.

“Specifically, as the World Wide Web Consortium (W3C) describes in the HTML5 specification for security with canvas elements, information leakage can occur if scripts from one origin can access information from another origin.”


About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: