Google addresses its own security bugs in Chrome stable release update
The stable channel for Google's Chrome Web browser (Chrome 2) has not seen a lot of action in recent weeks, perhaps indicating just how stable it has been. But a pair of exploitable defects that Google's engineers rate as "high" and "critical" have prompted the company to issue an automatic update to its deployed Chrome 2 Web browsers, beginning after midnight last night.
Although code running in Chrome is supposed to be tightly sandboxed, as engineers admitted very early this morning, the possibility existed for a maliciously crafted regular expression (RegEx, used in local searches) to generate a heap overflow, creating a situation where arbitrary code could be executed without the need for privilege. That was the "high" problem, which could lead to the ability to trigger the "critical" problem: An already compromised browser could then be maliciously maneuvered into allocating inordinately colossal memory buffers, thus slowing down the computer (denial of service) and possibly crashing the browser along the way.
Betanews tested the latest version 220.127.116.11 in Windows XP Professional SP3 (which seems to be Chrome's favorite platform of late) to determine any evidence of a performance hit. Benchmarks running regular expression tests did run about 3.4% more slowly on average than for build 18.104.22.168 -- a very acceptable performance hit for added security.
At present, there's no evidence that working exploits of these conditions were ever tested in the field -- they appear to have been just as much news to folks who try cracking browsers, as to anyone else.