Google Pays $1000 to Information Security Professionals | Ethical Hackers for Discovering

High-risk vulnerabilities were found in Google’s Chrome browser by information security professionals using ethical hacking practices. The released patch addresses 11 vulnerabilities.

 

Albuquerque, NM -- (SBWIRE) -- 11/11/2010 -- In yet another security update, Google reported high-risk vulnerabilities found by information security professionals. The released patch addresses 11 vulnerabilities, of which one is critical and 5 others are rated high. Major software companies often rely on ethical hacking to uncover vulnerabilities in their code or in the systems it is hosted on. In this case, Google locked down its bug tracking database to hide the details of the vulnerabilities, but information security professionals used ethical hacking to uncover them. Google paid a thousand-dollar bounty to the information security professionals for their findings. A problem with Chrome's autofill feature, which automatically enters names, credit card numbers and contact numbers into website forms, is identified as the cause of the vulnerability.

Users experienced problems with the browser when submitting a form on a website: the autofill feature was causing the browser to crash on form submission. The critical vulnerability was revealed at a time when Chrome is slowly gaining user base. Firefox, Internet Explorer and Opera are other major Internet browsers popular among users. Of the remaining 6 vulnerabilities, three are rated as high-risk and two as low-risk vulnerabilities.

Google aims to hasten the development of Chrome by releasing new versions at regular intervals. Chrome is compatible with Windows, Mac and Linux operating systems. Hackers are always on the lookout for vulnerabilities that let them breach browsers, networks and systems. There is always a time lag between the release of a patch and its installation by users, and hackers take advantage of this gap and of users' slow response to security updates. Users can keep track of security updates and releases from software developers to identify and apply the right security patches for their products. Following security advisories and regularly installing anti-virus and anti-spyware solutions can help individuals and organizations protect their systems and networks.

EC-Council provides industry training and certification for information security professionals in ethical hacking, among many other specializations. “Understanding how hackers exploit these vulnerabilities is a key requirement to hardening software and hardware. That is why EC-Council focuses on ethical hacking as an approach to information security evaluation,” as stated by EC-Council’s Senior Director, Steven Graham. Through its Certified Ethical Hacker program, EC-Council has trained such information security professionals from all over the world.

About EC-Council
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker, Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world. These certifications are recognized worldwide and have received endorsements from various government agencies, including the U.S. federal government via the Montgomery GI Bill, the Department of Defense via DoD 8570.01-M, the National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted security conferences. The global organization is headquartered in Albuquerque, New Mexico.

Press Contact
Steve Graham
6330 Riverside Plaza Ln NW
Suite 210
Albuquerque, NM 87120
Steve.graham@eccouncil.org
505-341-3228