Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Finds Security Flaw In Google Chrome Frame

Posted by timothy on from the they're-the-experts dept.

Christmas Shopping writes with this excerpt from Kaspersky Labs' threatpost: "Back in September, when Google launched the Google Chome Frame plug-in for Internet Explorer users, Microsoft immediately warned that the move would increase the attack surface and make IE users less secure. Now comes word that a security researcher in the Microsoft Vulnerability Research (MSVR) has discovered a 'high risk' security vulnerability that could allow an attacker to bypass cross-origin protections." "Google has hurried out a patch," he adds.

12 of 214 comments (clear)

  1. Dude by Anonymous Coward · · Score: 5, Funny

    MS Finds Security Flaw In Google Chrome Frame

    Timothy, you owe me a new Transformers t-shirt. I just spat coffee all over myself.

    1. Re:Dude by naasking · · Score: 1, Funny

      in much the same way that Google doesn't go looking for software bugs in Microsoft products.

      To be fair, you don't really have to "look" to find bugs in MS products...

      --
      Higher Logics: where programming meets science.
    2. Re:Dude by hrimhari · · Score: 2, Funny

      But then, this is /. so we love to rail on MS, Apple and even Linux anywhere we can.

      There, ported it to the present ; )

      --
      http://dilbert.com/2010-12-13
  2. This is possible? by TheDarkMaster · · Score: 3, Funny

    Internet Explorer less secure? This is really possible?

    --
    Religion: The greatest weapon of mass destruction of all time
  3. i can see it all now by Anonymous Coward · · Score: 1, Funny

    Google makes IE less secure, users switch to real Chrome, google (somehow) profits!

  4. I dub thee... by Anonymous Coward · · Score: 1, Funny

    ... the ``glass house'' security team. Stones complimentary from the house.

  5. Re:At least they patched it by Carewolf · · Score: 2, Funny

    Binaries installed or modified outside the packaging system is a security flaw, not to mention impossible to maintain. Everytime Firefox opens an update dialog, it is effectively asking me to take a shitload on my Linux installation... and kill a kitten.

  6. Re:Expected by Narpak · · Score: 3, Funny

    In an attempt at humour I will add that making "IE less secure" seems redundant. Much like this post.

    --
    The Long Now Foundation
  7. Re:At least they patched it by tokul · · Score: 5, Funny

    Everytime Firefox opens an update dialog, it is effectively asking me to take a shitload on my Linux installation... and kill a kitten.

    Not on your Linux installation, but in your own home directory. Unless you run as root. If you do run Firefox as root, then you should not worry about kittens killed when firefox is updated. You kill them every second spend in your X session.

  8. This is just a temporary inconvenience by bbbaldie · · Score: 2, Funny

    Once we end all of this open standards silliness, and get you to do your internet business with safe, secure ActiveX and .Net, security woes will be a thing of the past!

  9. Breaking news! by davidbrit2 · · Score: 4, Funny

    We have early word that the security vulnerability goes by the name "Internet Explorer". Details are thin at this time, but we'll have more as the story develops. Janet, back to you in the studio.

  10. Re:Expected by Kaitnieks · · Score: 3, Funny

    It's been reported that Google will pay Microsoft in adwords coupons.