Because Google Chrome doesn’t have enough issues already, a security researcher has discovered that a specific string of text is capable of crashing the browser and deleting any unsaved work sitting in open tabs.
If you remember the “Effective Power” bug on the iPhone earlier this year, this bug is remarkably similar. As researcher Andris Atteka notes, in order to have it affect your browser, all you have to do is add a series of null characters to the end of a URL and press enter, or simply mouse over an active link that contains the relevant string of text.
I won’t include a direct example (as I don’t want to crash anyone’s browser), but the string looks like this: “/%%30%30” just without the quotation marks. Slap it on the end of a link if you really want to see what it looks like (but save your work first).
After testing the bug, The Guardian found that it can be replicated on Windows and OS X versions of Chrome, but doesn’t seem to crash Chrome on Android.
In the extensive discussion following Atteka’s report, Google eventually landed on a fix which has since been pushed out to Chrome’s open-source base. As of this writing, the bug still crashes any tab in which I mouse over it, so it looks like we’ll have to wait for the fix to make its way to the latest stable release of Chrome.