Software

Chrome Security Threat Gets Criticized by Microsoft

A security team from Microsoft has found that Chrome has a security hole which appears to haven’t been properly patched. This way, Redmond highlighted that the Edge browser is better in terms of security than Google Chrome.

One member of that security team, Jordan Rabet, confirmed in Microsoft’s blog post that there is a security hole in Chrome and could lead to some malicious code execution. Although Chrome uses ‘sandboxing’ and techniques that focuses on isolating and containing any mode that would turn out malicious, it seems that Chrome is still vulnerable.

How Did Chrome Get a Hole in its Security?

There was a bug in the Javascript engine, and Microsoft has notified Google of this issue. The issue was addressed in a patch last month, having some bug fixes. Microsoft received a reward for finding the bug and received $7,500.

Microsoft didn’t lose the opportunity to point out that their Edge browser had a better protection in case of a similar security threat. They were also displeased at how Chrome handled their issue, as Chrome made public the fix for the source code on GitHub before it got to be released to customers, so any hackers could have easily taken advantage of the vulnerability before it got fixed. The problem is that Chrome was vulnerable for a month, easy to be exploited after they made the code public.

This isn’t the first time Microsoft and Chrome fight over which one can provide a better and a more secure browser. Last year we’ve heard of Google warning of a security issue in Windows.

In the same blog post, Chrome was also acknowledged to have a good isolation technique that would protect the browser from similar threats. As a reply to the blog post, engineers working at Google have praised Microsoft for opening such a discussion and showing that Chrome is making efforts in site isolation.

Tags
Close