Chrome 11 update patches critical holes
Google has released version 11.0.696.71 of its Chrome web browser, a maintenance and security update that addresses a total of four security vulnerabilities, two of which are rated as critical: the new version fixes a critical memory corruption bug in the GPU command buffer and an out-of-bounds write problem in blob handling discovered by Kostya Serebryany of the Chromium development community.
A high-risk exploit – a stale pointer in floats rendering – won Martin Barbella $1,000 for reporting the vulnerability to Google as part of its Chromium Security Reward programme; that exploit along with a low-risk bug that bypassed the pop-up blocker have also been closed. Further details of the vulnerabilities are being withheld until "a majority of users are up-to-date with the fix". Four bugs have also been fixed, including a regression affecting LinkedIn.com and a stats issue related to Mac plug-in crashes.
Details about the security update can be found in a post by Google Chrome Product Manager Karen Grunberg on the Google Chrome Releases blog. Chrome 11.0.696.71 is available to download for Windows, Mac OS X and Linux. Users who currently have Chrome installed can use the built-in update function by clicking Tools, selecting About Google Chrome and clicking the Update button.
See also:
- Chrome 13 arrives in Dev channel, a report from The H.
- Chrome 12 Beta brings Flash cookie protection, a report from The H.
- Chrome 11: Google's web browser learns to listen, a report from The H.
(crve)