If we see theoritically, Chrome should be more secure than other browsers because, rather than being a single-threaded application, each tab is handled by its own sandboxed process.
Google (NSDQ: GOOG)’s Chrome browser is only a day old, but security researchers already have found vulnerabilities that can be exploited.
According to a report published by ZDNet, security researcher Aviv Raff has found that he can combine a flaw in the open source WebKit engine with a Java bug to dupe Chrome users into downloading executable files.
The remote host contains a web browser that is affected by an address
The version of Google Chrome installed on the remote host is earlier
than 0.3.154.9. Such versions are reportedly are affected by an
address spoofing vulnerability in pop-ups. An attacker can leverage
this issue to manipulate a window’s address bar to show a different
address than the actual origin of the content.
See also :
Upgrade to Google Chrome version 0.3.154.9 or later.