14 DAY TRIAL // Google has released a new stable version of its Chrome browser (7.0.517.41), which in addition to hundreds of bug fixes and new features, addresses several security issues of critical to low severity.
With Chrome 7.0.517.41, Google has made good on its promise to deliver a new stable version of the browser every six weeks.
This release fixes a total of ten security vulnerabilities. The only bug rated as critical is described as a browser crash with form autofill and was discovered by the Chromium development team.
There are five vulnerabilities rated as high, two of which were awarded with $500 through the Chromium Security Reward program.
One is an URL spoofing issue and was discovered by a regular Chrome bug hunter, who calls himself kuzzcc. The flaw was also reported independently by a security researcher named Jordi Chancel.
The second rewarded bug is credited to Simon Schaak and is a memory corruption condition triggered when processing certain animated GIF files.
The other three high-risk vulnerabilities were discovered by the Chromium developers, as well as Chris Evans and Michal Zalewski of the Google Security Team.
They concern a crash resulting from forms processing, stale elements in an element map and a sandbox-related failure on Linux.
Two medium-risk flaws, an autocomplete profile spamming credited to Inferno of the Google Chrome Security Team and a crash on shutdown discovered by Chromium developers, have also been patched.
A pop-up block bypass rated with low impact, is credited to kuzzcc, who is also commended along with Aki Helin of OUSPG for finding other bugs during the development stages.
The final security issue affects only the Linux version and stems from a bad construction of the PATH variable. Dan Rosenberg of VSR is credited for the find. Google Chrome 7.0.517.41 for Windows can be downloaded here.
Google Chrome 7.0.517.41 for Linux can be downloaded here.
Google Chrome 7.0.517.41 for Mac can be downloaded here.