Microsoft Vulnerability Research (MSVR) has found a flaw in Google Chrome, Google’s web browsing software, through Google’s Chrome Fame plug-in for Internet Explorer users (officially described as “an early-stage open source plug-in that seamlessly brings Google Chrome’s open web technologies and speedy JavaScript engine to Internet Explorer). Frame also claims to include the HTML5 <canvas> tag, as well as improved performance with Javascript applications. Microsoft warned that the “attack surface” would increase because of this and make I.E. users less secure. The vulnerability essentially allows for the bypassing of the cross-origin protections. Google has already released a patch that fixes this vulnerability as well as a few other bugs.
It begs the question: Should Google and Microsoft be creating software infusions of one another’s work? The two industry-juggernauts are integral at this stage and their usage is beyond widespread, it’s a societal norm. Security vulnerabilities that they engender within one another would have the most dire of consequences. What do you think?
