The host is installed with Google Chrome before 13.0.782.107 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog. Successful exploitation could allow attackers to modify the products functionality via a Trojan horse extension.