Not really an issue when the following 3 prerequisites must be met:
Google must not be the selected search engine.
User must not have visited any HTTPS resources before the attack.
Chrome's current working directory must be set to attacker-controlled location.
Slashdot Mirror
Not really an issue when the following 3 prerequisites must be met: Google must not be the selected search engine. User must not have visited any HTTPS resources before the attack. Chrome's current working directory must be set to attacker-controlled location.