|
Google Chrome Makes Five Major Security Fixes
|
Posted by Donster on: 2010-03-18 16:41:16 195
|
By Paul Lilly @ MaximumPC
If you haven't done so already, be sure to grab the latest Chrome browser update (Tools Menu > About Google Chrome) and upgrade to version 4.1.249.1036. Included in the latest update are several security fixes, including five "high" priority ones. These include:
- Race conditions and pointer errors int he sandbox infrastructure
- Memory error with malformed SVG
- Integer overflows in WebKit JavaScript objects
- Cross-origin bypass
- Memory error with empty SVG element
Also bundled in are three "medium" priority and one "low" priority security fixes, but it's the high priority ones that translated into cold hard cash for the individuals who discovered them. Sergey Glazunov, for example, received a $1337 "Chromium Security Reward" for discovering the integer overflows in WebKit JavaScript objects, while the other high priority bugs netted anywhere from $500 to $1000 for their discovery.
The latest Chrome release also comes with a few new features, including a translate infobar, certain privacy features, and disabling the experimental anti-reflected-XSS feature called "XSS Auditor."
|
|
News Source: Email
|
|
