Yup, it’s out, Google’s latest open source web browser, the Google Chrome has been slightly delayed as we mentioned yesterday but it all looks great. While many users are currently experiencing it for the first time, including myself, a number of excellent reviews are being published at the same time.

For example, Technology Bites have already said that its fast and awesome, while the popular Mashable have also released a post describing seven awesome benefits of using Google Chrome. From our first impressions, it was great, fast, no problems at all running on Vista or XP, simple to use, there wasn’t anything that was difficult to understand so it should probably be easy even for those who aren’t technofreaks…

So should you download it? My answer at the moment is probably yes for the fun of it and no if you’re planning on doing your daily websurfing on it. You see, just hours after downloading Chrome, while I was actually using it I came across ZDNet which had discovered via researcher Aviv Raff that Google Chrome isn’t actually as safe as Google had thought and worst, we as users trying out for the first time had no bloodly idea that it wasn’t actually as safe as it looks on the outside…

So what’s unsafe about using Google Chrome? Well according to ZDNet’s simplified version to explain this…

Aviv Raff discovered that he could combine two vulnerabilities — a flaw in Apple Safari (WebKit) and a Java bug discussed at this year’s Black Hat conference — to trick users into launching executables direct from the new browser.

Raff has cooked up a harmless demo of the attack in action, showing how a Google Chrome users can be lured into downloading and launching a JAR (Java Archive) file that gets executed without warning.

In the proof-of-concept, Raff’s code shows how a malicious hacker can use a clever social engineering lure — it requires two mouse clicks — to plant malware on Windows desktops.

The Google Chrome user-agent shows that Chrome is actually WebKit 525.13 (Safari 3.1), which is an outdated/vulnerable version of that browser.

Apple patched the carpet-bombing issue with Safari v3.1.2.

Some Google Chrome early adopters using Windows Vista are reporting that files downloaded from the Internet are automatically dropped on the desktop, setting up a scenario where a combo-attack using this unpatched IE flaw could be used in attacks.

So as we mentioned, you would probably be better off not using it for your everyday websurfing and all your important stuff like internet banking. However, if you’re up for some fun and want to try out the latest browser and check out some new browser functions, there is absolutely no harm in doing that. At the end of the day, depending on what sort of sites you often go to, the average web user is unlikely to encounter an unsafe site where a hacker uses this clever trick, but then again it’s always safer to bare that in mind.

[via Mashable, Technology Bites, ZDNet]