Google Chrome Download Vulnerability
September 4, 2008
US-CERT is aware of a vulnerability that affects the Google Chrome web browser. This vulnerability is due to a default configuration that allows files to be downloaded without prompting the user. In addition, downloaded files can be opened with a single click, which could allow a user to inadvertently open a malicious file.
US-CERT encourages users to enable the “Ask where to save each file before downloading” option within the “Minor Tweaks” tab in the browser preferences. Although this does not fix the underlying vulnerability, selecting this option will warn the user before files are downloaded. Users should still exercise caution when visiting and downloading items from untrusted websites.
Source: US-CERT
Be the first to know. Subscribe to our RSS Feed 
Most browsers (including Firefox) have a very BAD feature that is very risky and insecure. When we click to download something, it starts to download right away, even before we say where we want it saved. There are some javascript exploits that make the browser start to download malitious files and since they usually are very light they install themselves on our computer without our consent. Firefox 2 had this, I don’t know if Firefox 3 has it too but I think it does. Happened to me once, I was pissed as hell. Back in the time I was still not using NoScript… Now, that’ll never happen again, no siree.
please i need google chreme