Sole surviving browser patches same bug used to make money off Safari flaw

Although Google's Chrome was the only browser left standing after March's Pwn2Own hacking contest, it was vulnerable to the same bug that a German college student used to bring down Apple's Safari, Google acknowledged this week.

Although Google patched the Chrome vulnerability May 7, it waited until last Wednesday to reveal that the bug was the same WebKit flaw that Apple patched the day before.

"[We are] disclosing that this release contains the fix for CVE-2009-0945, an issue in WebKit code that also affects Apple's Safari," Mark Larson, the program manager for Chrome, said in a May 13 post. "We did not want to disclose this until Apple's fix for Safari users was released."

More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9133152