Google has released version 22 of their popular Chrome web browser and while it doesn’t come with a huge list of changes, there are a couple of features to get excited about if you are concerned with security. Google has infused Chrome with the fully hardware-accelerated Pepper Flash plug-in for Windows users, resulting in what has been described as unrivalled protection against malicious Flash apps found lurking on the Internet.
As proven by the CanSecWest Pwn2Own hacks, the Flash Player plugin that ships with Google Chrome is a major weak spot that has been targeted by attackers.
Google has quietly tweaked the browser to put Flash in the browser's more restrictive sandbox on all versions of Windows, making it significantly harder to exploit a Flash Player vulnerability to get full system access. The fully sandboxed Flash was included in the Chrome 21 beta release, according to Google's Justin Schuh.
We announced last November that we are focusing our work with Flash on PC browsing and mobile apps packaged with Adobe AIR, and will be discontinuing our development of the Flash Player for mobile browsers.
Cyber-spies have planted Java- and Flash-exploiting malware on web sites focused on human rights, defence and foreign policy. Over the last two weeks, the Shadowserver Foundation, a nonprofit group that tracks internet threats, has discovered several such compromised web pages that download the malware through visitors' browsers. The malware, which exploits known flaws in Adobe Flash and Java, is aimed at Mac and Windows systems.
A critical security flaw that has been affecting Adobe's Flash Player application now has an update from the software company towards remedying the problem. Actually the flaw had been enabling hackers to exploit it so users could be deceived into taking down malware while browsing in IE (Internet Explorer) that too was getting impacted. Redorbit.com published this on May 6, 2012.