Google Chrome pretends to be Safari to outfox Hotmail

Filed Under: Apple, Apple Safari, Google, Microsoft

Google Chrome logo

The Google Chrome web browser has been updated to fix a "high severity" security vulnerability that could be exploited by data thieves.

Version 1.0.154.46 of Chrome fixes a few security issues - including one involving the Adobe Reader plug-in that could allow a maliciously-crafted PDF file to run scripts on websites, and another which allowed malicious website script to read sensitive information (which could assist identity theft) from another frame.

So far, so normal. An important update and you should apply it. Hopefully if you're clued-up about computer security you're ensuring that you are keeping yourself informed of all the latest patches and fixes to your favourite applications and plug-ins. With web browsers it's particularly important, of course, as so much malware today arrives via the web.

But what was particularly interesting to me was another fix that is contained in this version of Chrome. Apparently it also fixes a compatability issue that has been plaguing people who have been trying to use Google's browser to access Hotmail.

And how have the wizards at Google who write the browser fixed this problem? Well, when Chrome now visits urls that end with mail.live.com it sends a user agent string to pretend that it's Apple's Safari browser instead!

For its part, Microsoft says that it will roll out a new version of Hotmail that is properly Google Chrome compatible.

The guys at Google and Microsoft have been involved in what looks suspiciously like a minor cat-fight about which of them has done a better job at dealing responsibly with the Chrome/Hotmail incompatibility.

Come on boys - put down your handbags.

, , , , ,

You might like

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.