The ones that found the issues were properly rewarded

Oct 26, 2011 07:20 GMT

Besides the features and improvements Google brought to the new version of Chrome, the release also takes care of several security vulnerabilities, including the weakness exploited by the BEAST attack.

To motivate independent and outside researchers to identify bugs, Google rewards the finder of each issue with a certain amount of money. With the new release, more than $25,000 (17,000 EUR) was paid out to those who contributed to the safety of the latest version.

The largest bounty, just over $12,000 (8,400 EUR), was earned by Sergey Glazunov, who reported cross-origin policy violations. Miaubiz received half of that amount for a stale style bug that led to a use-after-free vulnerability, which could have allowed an attacker to execute arbitrary code.

Out of the total of 18 fixes, 11 were rated as high severity. A Chromium development community member discovered one of them: an exposure of internal V8 functions.

Other high-severity issues were out-of-bounds writes in V8, a heap overflow in Web Audio and a use-after-free flaw in the handling of video sources; their finders were rewarded with $4000 (2800 EUR) for their efforts.

The medium-severity weaknesses included the possibility of cookie theft via JavaScript URLs and a race condition in worker process initialization.

A problem with the stripping of whitespace at the end of download filenames was also taken care of, and an XSS issue in the appcache internals page was fixed.

To make sure their product is not affected by BEAST, Google updated the browser's NSS network library to include a defense mechanism against the notorious SSL attack. The newly implemented defense may expose bugs in Brocade hardware, but the vendor appears to be already working on a fix.