Available for download

Apr 21, 2010 07:31 GMT  ·  By

The latest update delivered to the Stable channel of Google Chrome is designed to introduce no less than seven patches for vulnerabilities affecting the browser. Users should download the refresh as soon as possible and make sure that all the security holes are plugged. Patches will render useless any attacks targeting the vulnerabilities they’re designed to resolve, and, in this regard, keep users safe.

The latest Stable release of Google’s open source browser was available for download only to Windows users, Mark Larson, Google Chrome Team, noted. Google Chrome Build 4.1.249.1059 fixes four vulnerabilities rated as High, and three considered to pose only a Medium risk to users.

Larson provided a list with all the security issues resolved by Chrome 4.1.249.1059. “[39443] High Type confusion error with forms. [39698] High HTTP request error leading to possible XSRF. [40136] Medium Local file reference through developer tools. [40137] Medium Cross-site scripting in chrome://net-internals. [40138] High Cross-site scripting in chrome://downloads. [40575] Medium Pages might load with privileges of the New Tab page. [40635] High Memory corruption in V8 bindings,” he stated.

According to Larson, the majority of the security holes were discovered by the Google Chrome Security team. However, bug 39443 and bug 40635 were reported by a security researcher outside of Google. The Mountain View search giant has an incentive program in place for researchers that report vulnerabilities in Google Chrome and the underlying Chromium open source project. In this regard, the two vulnerabilities mentioned above qualified for the Chromium Security Reward, and Google paid $500 for each issue.

The Chromium Security Reward is designed to increase the security of Google’s browser, by rewarding researchers that report vulnerabilities in the browser. As long as the reported security problems meet certain criteria, Google is willing to pay to have them reported responsibly, rather than disclosed in the wild.

The latest release of Google Chrome 4.1 for Windows is available for download here.