VULNERABILITIES / FIXES - March 08, 2013
by Carol~ - 3/8/13 10:12 AM
Google Chrome WebKit Type Confusion Vulnerability
Release Date : 2013-03-08
Criticality level : Highly critical
Impact : System access
Where : From remote
Solution Status : Vendor Patch
Software: Google Chrome 25.x
MWR InfoSecurity has reported a vulnerability in Google Chrome, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a type confusion error in WebKit and can be exploited to execute arbitrary code in the context of the sandboxed render process.
The vulnerability is reported in versions prior to 25.0.1364.160.
Update to version 25.0.1364.160.
Provided and/or discovered by:
Nils and Jon Butler, MWR InfoSecurity.