It's Beta software, it was inevitably going to have some bugs. This bug, however, is a little bit embarrassing for the good folks over at Google. RWW has an article that describes a potentially nasty security hole made possible by Chrome, a known Java bug, and an un-patched WebKit.

You can read the whole article here, but the gist of it is that users can be duped with relative ease into executing just about any Java program that an attacker wants. That's bad. Very, very bad, in case you weren't already sure.

"It's Beta software!" you say, "There's no embarrassment there!". I'd generally agree, but RWW goes on to mention the part where this is a known bug with an old version of Apple's WebKit, and could have been avoided had Google used a more recent version as a basis for Chrome.

Yes, it's Beta software, yes, it requires user interaction to execute, but this is still a pretty nasty bug, stemming from an easily avoided, well-known issue. That's bad, last I checked.

This isn't a horrendous issue as I'm sure Google will just update the version they're using before general release, but for the thousands (millions?) of people that are already using Chrome, you might want to be careful what you click on.

#Colin