Google patches Chrome vulnerabilities

Google has fixed two high-severity vulnerabilities in the stable version of its Chrome browser that could have let an attacker remotely take over a person's computer, reports Cnet.

With one attack on Google's V8 JavaScript engine, malicious JavaScript on a Web site could let an attacker gain access to sensitive data or run arbitrary code on the computer within a Chrome protected area called the sandbox, Google said.

With the other, a page with XML-encoded information could cause a browser tab crash that could let an attacker run arbitrary code within the sandbox.

YouTube will invite users with popular videos to allow ads to appear alongside the clips, from which some of the revenue generated will go to the users, states FoxBusiness.

This marks a significant attempt on Google's part to monetise the popular user-generated video site.

The so-called YouTube Partnership Programme previously only applied to users who regularly produce clips reaching a wide audience.

For the third year in a row, McAfee has issued a list of the most dangerous celebrities when it comes to Internet search results, says eWeek.

The list is home to more than a few well-known singers and movie stars, such as Miley Cyrus and Angelina Jolie. According to McAfee, which just recently published a list of the summer's top malicious Web sites, more than 20% of Web searches for Jessica Biel lead to sites with malicious content.

Fans searching for "Jessica Biel", "Jessica Biel downloads", "Jessica Biel wallpaper", "Jessica Biel screensavers", "Jessica Biel photos" and "Jessica Biel videos" have a one-in-five chance of encountering a Web site hosting malware threats, McAfee reported.

A new SQL injection attack has already snared over 50 000 legitimate Web sites, and threatens to cause havoc for innocent Internet users, according to new research from ScanSafe, reports Computing.co.uk.

The attack exploits poor coding to insert a malicious frame on the sites. When visited by a user, an infected site will begin to download what ScanSafe senior security researcher Mary Landesman described as "a potent Trojan cocktail consisting of backdoors, password stealers and a downloader".

The number of infected sites now stands at around 57 000, having jumped by around 9 000 in the past few days. "These are smaller business sites which unfortunately don't have the aggressive support staff of their larger cousins but, when taken collectively, get very good traffic," she said.