Chrome 23 has been released and besides the significant feature improvements, Google has also addressed a number of 14 vulnerabilities to ensure that their customers are protected against potential cyberattacks.
The high-severity security holes fixed in Chrome 23 include a use-after-free in SVG filter handling, an Integer bounds check problem in GPU command buffer, a use-after-free in video layout, a memory corruption in texture handling, a bad write in v8, and an issue with a buggy graphics driver that only affects Macs.
The medium-severity flaws refer to an integer overflow leading to out-of-bounds read in WebP handling, an out-of-bounds array access in v8, a race condition in Pepper buffer handling, a bad cast in input handling, out-of-bounds reads in Skia, a use-after-free in extension tan handling, and a use-after-free in plug-in placeholder handling.
As usual, the researchers who have identified the vulnerabilities have been rewarded. Miaubiz got a total of $3,000 (2,340 EUR), Phil Turnbull got $3,500 (2,700 EUR) and Atte Kettunen was given $2,500 (1,950 EUR).
Google Chrome for Windows is available for download here
Google Chrome for Mac is available for download here
Google Chrome for Linux is available for download here