Stable, Beta update: Yahoo! Mail and Security Fixes
Google Chrome's Beta and Stable channels have been updated to 18.104.22.168. (Note, we won't have a different release for the Beta channel until we have something Beta-worthy come out of the Dev channel in February.)
This release fixes issues with two popular webmail providers:
Sending mail from Yahoo! Mail works again.
Windows Live Hotmail now works. While the Hotmail team works on a proper fix, we're deploying a workaround that changes the user agent string that Google Chrome sends when requesting URLs that end with mail.live.com.
If you've been using the --user-agent switch to use Hotmail, you can remove the switch from your shortcuts with this release.
This release also includes two security updates.The release notes have the full list of changes.
Work around for "Adobe Reader Plugin Open Parameters Cross-Site Scripting Vulnerability"
CVE: CVE-2007-0048, CVE-2007-0045
Severity: Moderate. This could allow a PDF document to run scripts on arbitrary sites.
Credit: Thanks to Michael Schmidt for reporting this responsibly to Google.
Severity: High. A malicious script in a page could read the full URL of another frame, and possibly other attributes or data from another frame in a different origin. This could disclose sensitive information from one website to a third party.