Skip to main content
  1. Home
  2. Web
  3. News

This string of 16 characters will crash Chrome

By

chrome cant handle this string of 16 characters google
tanuha2001/Shutterstock
This is not Google’s finest hour: Following on the heels of news that hacking Android Lollipop is as easy as typing a long string of characters comes word that a string of 16 characters can crash Google’s Chrome web browser — and you don’t even have to type it into the address bar.

The bug was exposed by Latvia-based software engineer and security researcher Andris Atteka, who shared his discovery in a blog post. In his example, he used a 26-character string to crash Chrome. However, VentureBeat used this 16-character string, which also crashes the browser: http://a/%%30%30

A user doesn’t even have to type or paste the string into their browser address bar – simply hovering over or tabbing to the live link will crash the user’s current tab and any other tab that has the link. Sometimes the link will crash the entire browser.

Related

The issue appears to affect Chrome for Windows, Chrome for Mac, and Chrome for Linux, but not Chrome for Android. It may also affect Opera users, according to a Slashdot comment thread.

Atteka reported the bug to Google but did not receive a bounty because it’s not deemed a security threat. Old code seems to be part of the issue, according to a Chromium team member.

Two similar issues were discovered and fixed earlier this year, VentureBeat notes.

Editors’ Recommendations

Topics
Jason Hahn
Jason Hahn
Contributor
Jason Hahn is a part-time freelance writer based in New Jersey. He earned his master's degree in journalism at Northwestern…
Here’s why you need to update your Google Chrome right now
Google Chrome opened on a laptop.

Google has just released a new version of Chrome, and it's crucial that you get your browser updated as soon as possible.

The patch was deployed to fix a major zero-day security flaw that could potentially pose a risk to your device. The latest update is now available for Windows, Mac, and Linux -- here's how to make sure your browser is safe.

Read more
Chrome just added a great new way to protect your passwords
The Google Chrome logo on a black phone which is resting on a red book

Chrome will soon let you use biometric data to autofill forms online, according to Chrome Unboxed. This is something Safari has allowed for years on Mac, but if you use Chrome, you must confirm the details by reentering your password or receiving two-factor authentication notifications on another device.

The password flag was spotted in the Chromium Gerritt repository as an alternative way to authenticate yourself when autofilling your passwords stored in Chrome. It's not meant to be a replacement, and when it does roll out to the public, it appears to be a setting you need to turn on. That could change between now and then, of course.

Read more
Your Chromebook now has access to your Android phone’s photos
The Acer Chromebook Spin 514 sitting on a table in an angled front view.

The latest update for Chromebooks, ChromeOS 103, launches some of the interesting new features announced at Google I/O and CES, including the ability to see your Android phone's photos on your Chromebook.

There are three new things to look out for on your Chromebook in ChromeOS 103, but the biggest feature is the ability to instantly access the latest photos you took on your phone right on your Chromebook through Phone Hub.

Read more