Several dangerous security flaws have been found in Google Chrome, leaving the popular Web browser open to cyberattack.
Errors in Chrome’s audio handling, volume setting, image loading, autofill profiles, PDF software and secure sockets layer (SSL) libraries could all be exploited by an attacker to gain control of a system, said the security firm Secunia, which labeled the bugs “highly critical.”
An error also exists within Chrome’s built-in “sandbox” feature. A safeguard that isolates defects and prevents them from spreading throughout a system, sandbox technology has thus far been an integral part of Chrome’s appeal.
(Coincidentally, Google recently announced it would pay $20,000 to anyone who could exploit Chrome at next month’s CanSecWest conference.)
The security flaws have been fixed in Chrome version 9.0, but are still present in version 8.x. Only users of Mac OS X are affected, Secunia said.
To automatically update Chrome, go to the wrench icon in the browser’s upper right corner and select “About Google Chrome.” Chrome will check for security updates and inform you if any are available.