Apart from faster web page loading, the recent launch for Google Chrome 27 stable also includes several security fixes, nine of them labeled as having a “high” risk and being credited to external researchers.

The security glitches reported from external sources were rewarded with a little over $14,500/11,250EUR (cumulated).

Exploitable flaws included mostly use-after-free errors (in SVG, media loader, handling of Pepper resource, widget and speech handling, in style resolution and race condition with workers); but the list also mentions bad cast in clipboard handlings and memory safety problems in Web Audio.

Lower-risk vulnerabilities fixed in Chrome 27.0.1453.93 refer to an out-of-bounds read in V8 engine, possible data extraction with XSS Auditor and cross-site scripting risk with drag and drop or copy and paste actions.

Google Chrome’s security team also plugged a set of 24 high-risk flaws, ten medium ones, while six of them were flagged as presenting a lower risk.

About the Author

By Unknown on 07:14. Filed under Internet . Follow any responses to the RSS 2.0. Leave a response