This bug was discovered by an Indian security researcher, Akshay C.S. and is caused to improper handling of intent parameter by Chrome for Android. This issue is similar to an issue where 16 special characters could crash Chrome Browser on Windows PCs and Laptops. Though the bug discovered by Akshay is not as serious as the special character bug, it can bring down the Chrome browser in Android smartphones and tablets. Like the special character bug, this bug instantaneously crashes Chrome browser in Android and can be used for pranks. According to Akshay, this bug affects Chrome running on only the Android platform while Chrome on other platforms remains unaffected. To try this yourself, fire up Chrome 46 or below and click the link below/enter “tinyurl.com/chromecrashes” from Chrome browser on Android. [Note: tinyurl.com seems to be offline at several times, if that doesn’t work, click the link mentioned below]. A big difference between the special character bug and this one is that the previous bug crashed the browser by just hovering the cursor over the link while this one won’t crash the browser unless you explicitly click on the link or enter it in the browser’s address bar. This is because the link doesn’t contain any special characters or sequences that’ll crash. Akshay says that this crash bug affects all versions including Version 46.0.2490.76 and below. At the time of writing, this is the latest stable version available. Thus this affects all versions of Chrome so far released for Android (at the time of writing this). Akshay has filed a bug report on crbug.com (Issue 555925) on November 14, and by the day 3 after filing this, this was fixed internally in the code (Thanks, Google!), but the fix will only be available with the next Chrome Release update. as said above, the bug can be used by pranksters to crash browsers on friends’ Android smartphones. 301/302 the link with the help of a URL shortening service like tinyURL and you’ll get a link that’s indeed a valid URL like https://tinyurl.com/check-this-magic that can be used to crash. Send it to a Nexus owner/Chrome user in a chat, and he/she will be confused at what’s happening! Why is this happening? According to Akshay, when you enter the above URL in Chrome or click on it, it sends out (or broadcasts) an intent, which targets chrome. What’s an Intent?, if you ask, then from this wiki: From the link, the receiver that is targeted is Chrome, Akshay used scheme=chrome in that intent. This intent is monitored (received) by Chrome handler, and Chrome tries to handle it  triggering the activity that’s mentioned here (editbookmark).  The application can use broadcast receivers to monitor system events from the Android OS as well as custom broadcasts sent by other applications.  The application will need to know the name of the broadcast actions in order to monitor them. The Android crash log output made it clear: Android security team acknowledged the bug and has issued a fix which will be available in the next release of Chrome for Android. You can read the full report here: https://code.google.com/p/chromium/issues/detail?id=555925 Sadly, Akshay was not eligible for Android bug bounty as the Google engineers deemed it to be a DOS vulnerability.