Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

Google Chrome leaves old versions behind when updated?

February 7th 2010 in Uncategorized

So I fire up Secunia on a PC today, and this alert appears:

image

But the user seems to be running the latest version:

image

Only one version appears in add/remove programs:

image

image

The extra folder, 3.0.195.38, is over 66 megabytes in size, and almost identical in content to 4.0.249.78.

Questions:

Can the folder 3.0.195.38 be deleted safely?

Can the bad guys use the contents of the old folder 3.0.195.38 to leverage security vulnerabilities? This would be similar to the bad old days of Sun Java, when Java would be updated but old, vulnerable versions of the application were left behind, where the bad guys could access them and leverage any security vulnerabilities. There are various DLLs, a SETUP.EXE, and quite a few JS files in the old folder.

I’ll see what I can do about getting those questions answered.
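For anyone who wants to inventory leftover version folders like the one above across machines, here is an added example (not part of the original post, and not Google's code). It assumes the install directory holds one subfolder per version named as four dot-separated numbers, as in the post, and treats the highest-numbered folder as the current one; the function names and the demo layout are constructed for illustration.

```python
import os
import re
import tempfile

VERSION_DIR = re.compile(r"^\d+(\.\d+){3}$")  # folder names such as 4.0.249.78

def dir_size(path):
    """Total size in bytes of all regular files under path."""
    total = 0
    for root, _dirs, files in os.walk(path):
        for name in files:
            full = os.path.join(root, name)
            if os.path.isfile(full) and not os.path.islink(full):
                total += os.path.getsize(full)
    return total

def inventory_versions(app_dir):
    """Return (current, stale): current is the highest version-named folder
    (assumed to be the installed version), stale lists (name, size_bytes)
    for every older version folder still on disk."""
    found = []
    for entry in os.listdir(app_dir):
        if VERSION_DIR.match(entry) and os.path.isdir(os.path.join(app_dir, entry)):
            # Compare numerically: as strings, "10.0.0.0" sorts before "4.0.249.78".
            found.append((tuple(int(p) for p in entry.split(".")), entry))
    if not found:
        return None, []
    found.sort()
    current = found[-1][1]
    stale = [(name, dir_size(os.path.join(app_dir, name))) for _key, name in found[:-1]]
    return current, stale

def demo():
    """Build a constructed layout mirroring the post and inventory it."""
    with tempfile.TemporaryDirectory() as app_dir:
        for version, payload in (("3.0.195.38", b"x" * 2048), ("4.0.249.78", b"y" * 1024)):
            os.makedirs(os.path.join(app_dir, version))
            with open(os.path.join(app_dir, version, "SETUP.EXE"), "wb") as fh:
                fh.write(payload)  # constructed placeholder bytes, not a real binary
        os.makedirs(os.path.join(app_dir, "other"))  # non-version folder, ignored
        return inventory_versions(app_dir)

if __name__ == "__main__":
    current, stale = demo()
    print("current:", current)
    for name, size in stale:
        print("stale:", name, size, "bytes")
```

To run it against a real machine, pass the folder that contains the version subfolders to `inventory_versions()`.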


4 comments to...
“Google Chrome leaves old versions behind when updated?”

mb

Yes, it can be deleted.
No, it does not pose a security threat (the .dlls have been unregistered)



par

The point of keeping one old version there is so that if Chrome updates while you are using it nothing bad will happen. It will go away after the next update or you can delete it manually without any harm.



Larry Seltzer

Looks like the current and previous version, as par said probably for fallback.

My concern about Chrome installations is that it’s all user-writeable. Malware running as a standard user can modify or even delete your Chrome installation.



Larry Seltzer

BTW, I keep forgetting, but the user directory issue has me wondering about Terminal Servers. Is there a way to install Chrome in the All Users profile, or something like that? Otherwise on any multi-user box everyone has to have their own installation of Chrome and update it separately.

