From the advisory:
Type of Issue : Buffer Overflow.
Affected Software : Google Chrome 0.2.149.27.
Exploitation Environment : Google Chrome on Windows XP SP2.
Impact: Remote code execution.
Rating : Critical.
Description : The vulnerability is caused due to a boundary error when handling the "SaveAs" function. On saving a malicious page with an overly long title (
tag in HTML), the program causes a stack-based overflow and makes it possible for attackers to execute arbitrary code on users' systems.
How an attacker could exploit the issue : To exploit the Vulnerability, a hacker might construct a specially crafted Web page, which contains malicious code. He then tricks users into visiting his Web site and convinces them to save this Page. Right after that, the code would be executed, giving him the privilege to make use of the affected system.
Fortunately, Google promptly fixed the flaw. Just make sure you are running version 0.2.149.29 or higher. You can do that by selecting About, then Update within Chrome, or visiting this Google page.
I've a suspicion we've many more Google Chrome security-related updates on the way.