From Internet Explorer to Mozilla Firefox to Google Chrome – that’s the path that many computer users have followed in the past years. Personally, I have stuck to Mozilla but I do use Chrome every now and then when I want things to go much faster. But did you know that Google’s streamlined browser has its share of security issues as well?

This is not really that surprising. After all, most any product you see in the market will be exploited by those who want to do so. In any case, Google has come out with updates to their browser, making it more secure for us users.

The most recent update for Google Chrome fixes some issues on how the browser handles Javascript and XML. For the Javascript engine, the fix makes sure that an infected web site will not allow malicious Javascript to run arbitrary code. You and I know very well that the phrase “run arbitrary code” simply translates to “install malware.” With this problem supposedly fixed, Chrome is definitely safer.

Another fix deals with the possibility of a web page using XML to, again, run arbitrary code. This happens when the malicious XML crashes a Chrome tab.

Last, the Chrome update will not allow you to connect to “HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms.” The reason for this is that these algorithms are prone to hacking and that it is relatively easy to pose as a fake HTTPS site.

For more detailed info, read it from Google’s own blog.

Photo courtesy of Ivan Zlatev

Categories: General, Google Chrome, Malware, News

Leave a Comment

This piece of news is not so good for Mozilla. It had to shut down the operations of its online store late on Tuesday because of an alarming finding. The fact is that the firm that Mozilla had hired to deal with their backend operations has suffered a security breach. Mozilla immediately issued a statement about the issue:

Today, Mozilla discovered that GatewayCDI, the third-party vendor entrusted to run the backend of the Mozilla Store, suffered a security breach. Once notified, we took the immediate preventative step of shutting down the Mozilla Store to ensure that no additional users could be compromised.

And just to be sure, the company immediately shut down the international version of their online store. While this was not really necessary since the international edition is being maintained by a separate company, Mozilla still shut it down as a precaution. As of this writing, there is no news yet as to the whether the security breach has been fixed. Indeed, Mozilla did not even really divulge details as to the nature and extent of the breach. I guess it is enough that they owned up to the issue and that they took immediate steps to stop the problem before it became serious.

And in case you were not aware of what Mozilla offers in its online store, this is where you can get T-shirts, coffee mugs, backpacks, mouse pads, and all sorts of other things that you can buy with the popular Mozilla logo prominently printed on them.

Moral of the story? Even one of the best IT companies in existence today is prone to hacking. Us “mortals” should learn from this.

Categories: Firefox, General, News

Leave a Comment