|
Chrome 10 update patches security vulnerabilities |
|
|
|
Source: H Security - Posted by Anthony Pell
|
Google has released version 10.0.648.204 of its Chrome web browser, a maintenance and security update to the Chrome 10 stable branch. The update addresses a total of six vulnerabilities in the WebKit-based browser that can be "exploited by malicious people to compromise a system" and rates all of them with a "High" priority. Secunia, for example, rates the vulnerabilities as highly critical.
According to Google, one of the high risk issues relates to a buffer error in base string handling, while two others have to do with use-after-free, where memory is deallocated but later accessed, in the frame loader and in HTMLCollection. The other issues range from a stale pointer in CSS handling and in SVG text handling, as well as a DOM tree corruption bug. The update also includes several performance and stability fixes and adds support for the browser's password manager on Linux systems.
As part of its Chromium Security Reward programme, Google rewarded those who reported security vulnerabilities with a total of $8,500, of which $7,000 went to developer Sergey Glazunov alone. Further details of the Chrome vulnerabilities are being withheld until "a majority of users are up-to-date with the fix".
Read this full article at H Security
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
