Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
TRENDING TODAY
Home > News > Security > Security Fixes and Improvements

February 9th, 2012, 13:15 GMT · By

Chrome 17 Comes with 20 Security Fixes

SHARE:

Adjust text size:

Google Chrome 17 comes with major security fixes
Enlarge picture
The latest variant of the popular web browser, Chrome 17, not only brings new malicious file scanning technologies and page preloading features, but also patches some major security vulnerabilities found by researchers as part of Google’s bug bounty program.

A number of 20 security holes were identified in the previous versions and patched up to ensure that cybercriminals can’t leverage them to launch attacks against Chrome customers.

The list of low severity issues that were addressed covers crashes when the database is utilized excessively, when unusual certificates are used, and in signature check. Other similar weaknesses include a URL bar confusion after drag and drop operations, and a clipboard monitoring issue after Paste events.

A total of $2,500 (1,700 EUR) was awarded to researchers who identified medium severity flaws that exposed Chrome to potentially malicious operations. These vulnerabilities include an out-of-bounds read in audio decoding, in path clipping, PDF fax image handling, in libxslt, and shader translator.

The high severity risks were rewarded with $8,000 (5,600 EUR) and included use-after-free conditions in PDF garbage collection, in mousemove events, SGV layout, and CSS handling. Bad casts with column spans, a buffer overflow in locale handling, and a crash when aborting an IndexDB transaction were also present in previous variants of Chrome.

Shawn Goertzen received $1,000 (700 EUR) for identifying a critical vulnerability that resulted in a race condition after a crash of the utility process.

Besides members of the Chromium development community, other people that contributed to making sure the latest version is more secure include miaubiz, Drew Yao and Braden Thomas of Apple, Sławomir Błażek, Aki Helin of OUSPG, Chamal de Silva and Atte Kettunen of OUSPG.

Users are advised to immediately update their Chrome browsers to the latest stable version not only to benefit from the latest features, but also to protect themselves against threats that may rely on the aforementioned weaknesses.

Google Chrome 17 for Windows is available for download here
Google Chrome 17 for Linux is available for download here
Google Chrome 17 for Mac is available for download here


1,896 hits
Link to this article · Print article · Send to friend

MUST-READ RELATED ARTICLES:


RealPlayer 15.02.71 Addresses 7 Highly Critical Vulnerabilities
Kelihos Not Resurrected, New Malware Used to Create Botnet
Vulnerability in HTC Android Allows Hackers to Steal Wi-Fi Passwords
PHP 5.3.10 Released to Fix Remote Code Execution Flaw
Mozilla Fixes Five Critical Vulnerabilities with Firefox 10

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2013 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use