sabato 02 agosto 2025 23:50mobile   |   3dfxzone.it   |   amdzone.it   |   atizone.it   |   forumzone.it   |   hwsetup.it   |   nvidiazone.it   |   unixzone.it 
  ATIZONE.IT
  proudly powered by 3dfxzone.it
Home    |    News    |    Headlines    |    Articoli    |    Download    |    Community    |    Condividi    |    Contatti    |    Tag    |    Ricerca    |    Sitemap
 
Pubblicità Informazioni e Release Notes del file: Google Chrome 2.0.172.43 Ultime News
Condividi su Facebook Condividi su Twitter Condividi su WhatsApp Condividi su reddit

Google Chrome 2.0.172.43 has been released to the Stable channel to fix the security issues listed below.

CVE-2009-2935 Unauthorized memory read from Javascript

A flaw in the V8 Javascript engine might allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks. It is possible that this could lead to disclosing unauthorized data to an attacker or allow an attacker to run arbitrary code.

More info: http://code.google.com/p/chromium/issues/detail?id=18639 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: High.  An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: This issue was found by Mozilla Security.

Mitigations:

  • A victim would need to visit a page under an attacker’s control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.

Security Fix: Treat weak signatures as invalid

Google Chrome no longer connects to HTTPS (SSL) sites whose certificates are signed using MD2 or MD4 hashing algorithms. These algorithms are considered weak and might allow an attacker to spoof an invalid site as a valid HTTPS site. 

More info: http://code.google.com/p/chromium/issues/detail?id=18725 (This issue will be made public once a majority of users are up to date with the fix.)

Severity: Medium.  Further advances in attacks against weak hashing algorithms may eventually permit attacks to forge certificates.

Credit:  Dan Kaminsky, Director of Penetration Testing, IOActive Inc., Meredith Patterson and Len Sassaman. See their paper at http://www.ioactive.com/pdfs/PKILayerCake.pdf

CVE-2009-2414  Stack consumption vulnerability in libxml2

CVE-2009-2416  Multiple use-after-free vulnerabilities in libxml2 

Pages using XML can cause a Google Chrome tab process to crash. A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.

More info: See the CVE entries noted in this report.

Severity: High.  An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Credit: Original discovery by Rauli Kaksonen and Jukka Taimisto from the CROSS project at Codenomicon Ltd. The Google Chrome security team determined that Chrome was affected.

Mitigations:

  • A victim would need to visit a page under an attacker’s control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox. Click here for more details about sandboxing.
02.08.2025  
Sony e AMD al lavoro su 2 APU per le console PlayStation 6 home e portatile
Gaming & Retrogaming Utilities: MAME (Multiple Arcade Machine Emulator) 0.279
Privacy Eraser Free 6.21.0 protegge la privacy degli utenti di Microsoft Windows
01.08.2025  
Le foto del drive SSD M.2 NVMe WD Blue SN5100 non ancora annunciato da Sandisk
Backup & Mastering Utilities: BurnAware Free 18.8 - New Enhancements
FastStone Image Viewer 8.1 Portable visualizza e modifica le immagini e le foto
31.07.2025  
Free Benchmark & Testing Information Utilities: Futuremark SystemInfo 5.86
Memtest86 Free Edition 11.4 build 1000 rileva gli errori della memoria RAM
30.07.2025  
Blender 4.5.1 supporta l'utente nella generazione di contenuti grafici in 3D
MediaInfo 25.07 visualizza le proprietà dei file multimediali ed è free
29.07.2025  
Content Creation: OBS Studio 31.1.2 consente anche di creare e registrare video
Free Benchmark & Testing Information Utilities: Futuremark SystemInfo 5.85
28.07.2025  
WinMerge 2.16.50 confronta e rileva le differenze tra due o più file di testo
The Linux Kernel Organization rilascia il Linux Kernel 6.16: info e download
27.07.2025  
ASUS lancia la video card Turbo Radeon AI PRO R9700 con 32GB di VRAM GDDR6
Internet Download Manager 6.42 build 42 semplifica il download dei file
HDD & SSD - Monitoring & Information Tools: CrystalDiskInfo 9.7.1 [Portable]
Internet Utilities: Free Download Manager 6.29.0 - HTTPS, FTP, Bittorrent Ready
26.07.2025  
Intel Motherboard Drivers: Intel Chipset Device Software 10.1.20266.8668
25.07.2025  
Tuning & Overclocking & Monitoring Utilities: AMD Ryzen Master 3.0.0.4199
Indice delle news 
Ultimi File
GPU Monitor 13.0
ASUS GPU Tweak III 1.9.8.0
GPU-Z 2.67.0
GPU Shark 2.9.0 [Portable]
SAPPHIRE TriXX 10.0.0
Vulkan Hardware Capability Viewer 4.02
Call of Duty: Black Ops 7 | Official Teaser
AMD Radeon Software Adrenalin Edition 25.6.1
The Witcher 4 - Unreal Engine 5 Tech Demo 4K Screenshots
The Witcher 4 - Unreal Engine 5 Tech Demo Video
Indice dei file 
3dfxzone.it   ][   amdzone.it   ][   atizone.it   ][   forumzone.it   ][   hwsetup.it   ][   nvidiazone.it   ][   unixzone.it   ][   links   ][   feed rss   ][   chi siamo   ][   sitemap
ATIZone.it è servito da una applicazione proprietaria di cui è vietata la riproduzione parziale o totale (layout e/o logica). I marchi e le sigle in esso citate sono proprietà degli aventi diritto. Note Legali. Privacy.