Chrome Pwn2Own: Critical WebKit Flaw Fixed Security Advisory

Although Google's Chrome was the only browser left standing after March's Pwn2Own hacking contest, it was vulnerable to the same bug that a German college student used to bring down Apple's Safari, Google acknowledged this week.

Although Google patched the Chrome vulnerability May 7, it waited until last Wednesday to reveal that the bug was the same WebKit flaw that Apple patched the day before. [We are] disclosing that this release contains the fix for CVE-2009-0945, an issue in WebKit code that also affects Apple's Safari," Mark Larson, the program manager for Chrome, said in a May 13 post. "We did not want to disclose this until Apple's fix for Safari users was released."

Apple patched the WebKit vulnerability Tuesday as part of a massive security update for both Mac OS X 10.5, aka Leopard, and Mac OS X 10.4, or Tiger.

The link for this article located at ComputerWorld is no longer available.