22 Security Holes Fixed with the Release of Chrome 25

Independent researchers have been rewarded with $3,500 (2,600 EUR)

  22 vulnerabilities have been addressed in Chrome
A total of 22 vulnerabilities, two of which only affect Mac or Linux versions, have been fixed by Google with the release of Chrome 25.

A total of 22 vulnerabilities, two of which only affect Mac or Linux versions, have been fixed by Google with the release of Chrome 25.

The high-severity security holes include a memory corruption with web audio note identified by Atte Kettunen of OUSPG, a use-after-free in database handling discovered by Chamal de Silva, and a bad memory access with excessive SVG parameters found by Renata Hodovan.

Other high-severity flaws reported by the members of Google Chrome Security Team and the Chromium development community include an integer overflow in blob handling, a buffer overflow in vorbis decoding, a memory management issue in plug-in message handling, and a use-after-free in URL handling.

In addition to the high-severity bugs, Google has also addressed 7 medium- and 5 low-severity security issues.

The independent researchers credited for finding vulnerabilities have been awarded a total of $3,500 (2,600 EUR).

Chrome for Windows is available for download here
Chrome for Mac is available for download here
Chrome for Linux is available for download here

Comments