Nasty URL bug brings Google Chrome to a screeching halt
According to VentureBeat, merely appending “%%30%30” to the end of a URL will cause Chrome to hang and crash. The cruelest twist? You don’t even have to open a malformed URL to cause the crash–merely mousing over the link is enough to bring down Chrome. (In other words, don't add the above string to URLs unless you like cussing at your computer. Don't say we didn't warn you.)
Security researcher Andris Atteka originally discovered the bug by entering a URL with the added characters tacked on (a total of 26 characters), but VentureBeat noted that it takes even fewer characters—only 16 in total—to crash the browser.
Atteka says this is “only a DOS vulnerability”—that is, a crash-causing bug—so it isn’t a security flaw in the truest sense of the word. Still, this bug has the potential to be quite a nuisance since you’ll lose all your open browser tabs and windows.
The bug affects current versions of Chrome as of this writing, and will crash both Windows and OS X versions of the browser. While you probably won’t come across it in the wild, Google has yet to release a patch for this bug, so be careful out there.
Comments
Post a Comment