Google's Password Alert extension for Chrome, which was released on Wednesday, has received its first critical security update less than 24 hours later, as infosec consultant Paul Moore came up with a simple exploit that bypasses it.
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle's Java plugin and other plugins that use the old NPAPI (Netscape Plugin API).
Google is done with tolerating sneaky ad injectors and, following the results of a study they recently conducted, they removed from the Chrome Web Store 192 deceptive Chrome extensions that affected 14 million users.
Google is scrapping its annual Pwnium hacking competition which has been held for four years in a row at the CanSecWest conference in Vancouver, Canada, but that doesn't mean that security researchers can't send their Chrome and Chrome OS exploits to Google and collect a monetary reward.
Google is looking to minimize its users' exposure to potentially unwanted software, and to that end they have announced a few changes.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.