By Scott M. Fulton, III, Betanews
When the first public beta of Google Chrome arrived on the scene last September, it received a rather rude welcome: it immediately faced the problem of averting a vulnerability. But that was only because it uses the open source WebKit rendering engine, whose exploitability had been discovered in Apple Safari just a few weeks earlier.
Now, however, Chrome is coming into its own, though in a good way: developers discovered some serious vulnerabilities in the browser apparently before malicious users did. In perhaps the most potentially serious dodged bullet, one of the Chromium project's lead contributors discovered a buffer overflow condition that occurs when a bitmap is copied between two locations in memory. The pointers to those locations may refer to areas of different sizes without any type or size checking, theoretically enabling unchecked code to be copied into protected memory and then potentially executed without privilege.
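The defect pattern described above, as an added illustration in constructed C (not Chromium's code; the bitmap type, field names and functions are assumptions): a copy that trusts the source's byte count beside a hardened copy that requires matching geometry and guards the size computation against wrap. The unchecked variant is shown for contrast only and is never called with mismatched buffers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed bitmap type for illustration, not Chromium's SkBitmap. */
typedef struct {
    uint32_t width;
    uint32_t height;
    uint32_t bytes_per_pixel;
    uint8_t *pixels;          /* width * height * bytes_per_pixel bytes */
} bitmap_t;

static size_t bitmap_bytes(const bitmap_t *b) {
    return (size_t)b->width * b->height * b->bytes_per_pixel;
}

/* The pattern the article describes: the copy uses the source's size and
 * never compares it with what the destination actually holds. */
void bitmap_copy_unchecked(bitmap_t *dst, const bitmap_t *src) {
    memcpy(dst->pixels, src->pixels, bitmap_bytes(src));
}

/* Hardened form: geometries must agree, and the byte count must not wrap.
 * Returns 0 on success and -1 without touching dst on rejection. */
int bitmap_copy_checked(bitmap_t *dst, const bitmap_t *src) {
    if (dst->width != src->width || dst->height != src->height ||
        dst->bytes_per_pixel != src->bytes_per_pixel)
        return -1;
    if (src->width != 0 && src->height != 0 &&
        src->bytes_per_pixel > SIZE_MAX / src->width / src->height)
        return -1;            /* width * height * bpp would overflow size_t */
    memcpy(dst->pixels, src->pixels, bitmap_bytes(src));
    return 0;
}

/* Constructed check: a 2x2 source copies into a 2x2 destination, while a
 * 1x1 destination is rejected before any byte is written. Returns 1 if so. */
int demo_checked_copy(void) {
    uint8_t src_px[16], dst_px[16], small_px[4];
    for (int i = 0; i < 16; i++) src_px[i] = (uint8_t)(0xA0 + i);
    memset(dst_px, 0, sizeof dst_px);
    memset(small_px, 0, sizeof small_px);
    bitmap_t src = {2, 2, 4, src_px}, dst = {2, 2, 4, dst_px};
    bitmap_t small = {1, 1, 4, small_px};
    if (bitmap_copy_checked(&dst, &src) != 0) return 0;
    if (memcmp(dst_px, src_px, 16) != 0) return 0;
    if (bitmap_copy_checked(&small, &src) != -1) return 0;
    for (int i = 0; i < 4; i++) if (small_px[i] != 0) return 0;
    return 1;
}

/* Constructed check: matching but absurd geometry whose byte count would
 * wrap is rejected before memcpy runs. Returns 1 if rejected. */
int demo_huge_geometry_rejected(void) {
    bitmap_t a = {0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu, NULL};
    bitmap_t b = {0xFFFFFFFFu, 0xFFFFFFFFu, 0xFFFFFFFFu, NULL};
    return bitmap_copy_checked(&b, &a) == -1;
}

int main(void) {
    printf("checked copy ok: %d, huge geometry rejected: %d\n",
           demo_checked_copy(), demo_huge_geometry_rejected());
    return 0;
}
```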
It's a typical buffer overflow situation. But in this case, the Google team was able to investigate and validate the claim, resolve the situation, and issue a test build for quality assurance testing within a mere five days. Still, the QA phase required another eight days before build 154.64 was released, and all during that time, the fact of Chrome's vulnerability was out in the open in Chromium's developers' forum.
While this isn't the first security-related issue to have affected Chrome since last September, it is probably the most critical. There is no indication that an active exploit of this issue was ever tried or is in the field.
Copyright Betanews, Inc. 2009