Skip to main content
  1. Home
  2. Web
  3. News

This string of 16 characters will crash Chrome

By

This is not Google’s finest hour: Following on the heels of news that hacking Android Lollipop is as easy as typing a long string of characters comes word that a string of 16 characters can crash Google’s Chrome web browser — and you don’t even have to type it into the address bar.

The bug was exposed by Latvia-based software engineer and security researcher Andris Atteka, who shared his discovery in a blog post. In his example, he used a 26-character string to crash Chrome. However, VentureBeat used this 16-character string, which also crashes the browser: http://a/%%30%30

Recommended Videos

A user doesn’t even have to type or paste the string into their browser address bar – simply hovering over or tabbing to the live link will crash the user’s current tab and any other tab that has the link. Sometimes the link will crash the entire browser.

Related

The issue appears to affect Chrome for Windows, Chrome for Mac, and Chrome for Linux, but not Chrome for Android. It may also affect Opera users, according to a Slashdot comment thread.

Atteka reported the bug to Google but did not receive a bounty because it’s not deemed a security threat. Old code seems to be part of the issue, according to a Chromium team member.

Two similar issues were discovered and fixed earlier this year, VentureBeat notes.

Editors’ Recommendations

Topics
Jason Hahn
Jason Hahn
Former Digital Trends Contributor
Jason Hahn is a part-time freelance writer based in New Jersey. He earned his master's degree in journalism at Northwestern…
This new Google Chrome feature could make the internet more pleasant
The Google Chrome logo on a smartphone.

The internet isn't the most hospitable place in the world, that's for sure. A new feature may be coming to the Chrome web browser that could make the interaction between people and websites a bit more pleasant -- tipping.

As mentioned in a Chrome Platforms Status blog post, Google Chrome plans to add Web Monetization technology that the Web Platform Incubator Community Group is working on to make it easier for users to tip their favorite sites.

Read more
Update your Chrome browser now to gain this critical security feature
Google Chrome icon in mac dock.

Yesterday, in a blog post on Google's security blog, Willian Harris from Chrome's Security Team said that Google is improving the security of Chrome cookies on Windows PCs by adopting a similar method used in macOS to help protect users from info-stealing malware.

The security update addresses session cookies that authenticate your identity when you switch apps without logging back in. Google wants to adopt the security system used by Keychain on macOS and start using "a new protection on Windows," which updates Data Protection API (DPAPI) and brings a new security tool called "application-bound" encryption.

Read more
This new Google Chrome security warning is very important
The Google Chrome logo on a black phone which is resting on a red book

Google is changing how it warns its users about suspicious files on Chrome by adding new full-page warnings and cloud scanning regarding suspicious downloads, according to Windows Report. This is an attempt to explain more precisely why it blocks specific downloads. Google says that the AI models will divide the warning into two categories: "suspicious" or "dangerous."

The new warning system primarily benefits those using the anti-phishing Enhanced protection feature. The files users upload to the cloud for an automatic scan and those that undergo a deep scan are 50 times more likely to have the AI flag them as malware.

Read more