Google Chrome isn’t officially out yet, but security researchers have already picked the browser apart to discover a security vulnerability.
The WebKit engine used inside Chrome leaves it vulnerable to the infamous Safari carpetbombing flaw, security researcher Aviv Raff warns. The flaw stems from a combination of a vulnerability in Apple Safari WebKit and a Java security bug, security blogger Ryan Naraine reports.
As a result Windows users of the beta software might be tricked into downloading malicious files onto their desktop. Raff has published a harmless proof-of-conceptexploitin order to illustrate his concerns.