A security researcher in the Microsoft Vulnerability Research (MSVR) has discovered a high risk security vulnerability that could allow an attacker to bypass cross-origin protections. Microsoft immediately warned that the move would increase the attack surface and make IE users less secure. Google has shipped a new version of the Google Chrome Frame (version 4.0.245245245) with a patch for the vulnerability. High severity issues do not permit persistent malware to infect a user s machine. We re unaware of any exploitation of this issue, Google said.
Source: https://threatpost.com/microsoft-finds-security-flaw-google-chrome-frame-111909/73136/