MS Finds Security Flaw In Google Chrome Frame

Christmas Shopping writes with this excerpt from Kaspersky Labs' threatpost: "Back in September, when Google launched the Google Chome Frame plug-in for Internet Explorer users, Microsoft immediately warned that the move would increase the attack surface and make IE users less secure. Now comes word that a security researcher in the Microsoft Vulnerability Research (MSVR) has discovered a 'high risk' security vulnerability that could allow an attacker to bypass cross-origin protections." "Google has hurried out a patch," he adds.

At least they patched it

[santax]

And not wait another week until it's patch-Tuesday.

Re:Dude

> in much the same way that Google doesn't go looking for software bugs in Microsoft products.

You need to keep a closer eye on Microsoft bulletins, it actually happens regularly.

http://www.google.com/search?hl=en&q=site:microsoft.com+Google+intitle:"Microsoft+Security+Bulletin"

Re:Shut up?

[blind+biker]

Yeah. For once, this case was conducted in a civilized manner, much to my own surprise. Yes, I admit I am surprised, because I expected a slightly different modus operandi from a company like Microsoft, with a uber-competitive, testosterone-saturated corporate culture. This, for me, more than any other, is a proof that Microsoft is changing.