6 High-Severity Vulnerabilities Fixed with the Release of Chrome 25.0.1364.152

A total of 10 security holes have been addressed by Google

  10 vulnerabilities addressed in the latest Chrome 25
Google has updated the stable channel of Chrome to 25.0.1364.152. The latest release addresses ten vulnerabilities, including 6 high-severity issues.

Google has updated the stable channel of Chrome to 25.0.1364.152. The latest release addresses ten vulnerabilities, including 6 high-severity issues.

Two of the high-severity security holes – a use-after-free with SVG animations, and a memory corruption in Web Audio – have been identified by Atte Kettunen of OUSPG. For his findings, Google has awarded the researcher with $3,000 (2,300 EUR).

Other high-severity security flaws include a use-after-free in frame loader discovered by Chamal de Silva, and a use-after-free in browser navigation handling found by “chromium.khalil.”

Jüri Aedla, of the Google Chrome Security Team, has uncovered a possible path traversal in database handling and a memory corruption in Indexed DB, both being assessed as being high-risk vulnerabilities.

In addition to these security holes, three medium-severity issues have also been found by members of the Google Chrome Security Team and the Chromium development community.

Russian security expert Egor Homakov has reported a referer leakage with XSS Auditor.

Chrome for Windows is available for download here
Chrome for Mac is available for download here
Chrome for Linux is available for download here

Comments