I was updating the browsers on one of my VMware images today:



And I updated Google Chrome to version 3.0.195.24:



Version 3.0.195.24 resolves a security vulnerability which could allow an attacker to run arbitrary code within the Google Chrome sandbox.

Only… the update didn't delete the vulnerable files during installation:



So while Chrome may no longer be using the vulnerable file, the old chrome.dll remains on my VMware system:



If something such as Sun Java can finally uninstall old versions, don't you think Google Chrome should be able to do so too?

Does anyone else notice this on their systems?

Signing off,
Sean