22 Security Holes Fixed with the Release of Chrome 25

Independent researchers have been rewarded with $3,500 (2,600 EUR)

By Eduard Kovacs on February 22nd, 2013 09:14 GMT

A total of 22 vulnerabilities, two of which only affect Mac or Linux versions, have been fixed by Google with the release of Chrome 25.

The high-severity security holes include a memory corruption with web audio note identified by Atte Kettunen of OUSPG, a use-after-free in database handling discovered by Chamal de Silva, and a bad memory access with excessive SVG parameters found by Renata Hodovan.

Other high-severity flaws reported by the members of Google Chrome Security Team and the Chromium development community include an integer overflow in blob handling, a buffer overflow in vorbis decoding, a memory management issue in plug-in message handling, and a use-after-free in URL handling.

In addition to the high-severity bugs, Google has also addressed 7 medium- and 5 low-severity security issues.

The independent researchers credited for finding vulnerabilities have been awarded a total of $3,500 (2,600 EUR).

Chrome for Windows is available for download here
Chrome for Mac is available for download here
Chrome for Linux is available for download here
22 vulnerabilities have been addressed in Chrome
   22 vulnerabilities have been addressed in Chrome
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments