7 Security Holes Addressed with Release of Chrome 23.0.1271.91

Users are advised to update their installations to the latest version

By Eduard Kovacs on November 27th, 2012 10:57 GMT

The stable channel of Chrome has been updated to 23.0.1271.91. Besides fixing flash audio problems and Windows Server 2003 issues, Google also addressed a total of 7 security holes, some of which could have been exploited by cybercriminals to execute arbitrary code.

Justin Drake has identified a high-impact issue caused by corrupt rendering in the Apple OSX driver for Intel GPUs. For his findings, the search giant rewarded him with $1,000 (800 EUR).

Other high-impact vulnerabilities, discovered by miaubiz and Jüri Aedla of the Google Chrome Security Team, were caused by a use-after-free bug in SVG filters and a buffer underflow in libxml.

Atte Kettunen of OUSPG was rewarded with $500 (400 EUR) for finding an out-of-bounds read in Skia.

Two additional medium-severity vulnerabilities have been identified by members of the Google Chrome Security Team. Attila Szász has been credited for locating a low-impact flaw.

Users are advised to install the latest version to protect themselves against cybercriminal operations that might leverage these vulnerabilities.

Google Chrome for Windows is available for download here
Google Chrome for Mac is available for download here
Google Chrome for Linux is available for download here
Google addresses vulnerabilities in Chrome
   Google addresses vulnerabilities in Chrome
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments