informa
Commentary

UPDATE: Some Google Chrome Problems Patched, Blended Threat Vulnerability Remains

Update Google Chrome now! (We tell you how below.) A buffer overflow vulnerability in the new browser has been identified and patched but, contrary to early reports, the blended WebKit/Java vulnerability has NOT been patched yet.
Update Google Chrome now! (We tell you how below.) A buffer overflow vulnerability in the new browser has been identified and patched but, contrary to early reports, the blended WebKit/Java vulnerability has NOT been patched yet.The buffer overflow issue results from using too-long filenames in your save-as file downloads, according to a post from Vietnamese security company Bach Koa Internetwork Security.

Chrome's developers have released an upgrade of the browser that repairs this problem.

As far as the WebKit/Java blended threat vulnerability discussed here (and everyplace else) last week, reports vary with some early statements, including this blog (and my apologies for that) reporting that the problem was patched. Evidently it's not.

Note to Google: how about posting change-logs and other update details so people know immediately what is and isn't fixed.

While we wait for the blended threat patch, the buffer overflow fix is available by updating Chrome. Do so by:

1. Click on the wrench in the browser's upper right corner

Recommended Reading: