In association with heise online

25 May 2011, 09:44

Chrome 11 update patches critical holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Google Chrome Logo Google has released version 11.0.696.71 of its Chrome web browser, a maintenance and security update that addresses a total of four security vulnerabilities, two of which are rated as critical: the new version fixes a critical memory corruption bug in the GPU command buffer and an out-of-bounds write problem in blob handling discovered by Kostya Serebryany of the Chromium development community.

A high-risk exploit – a stale pointer in floats rendering – won Martin Barbella $1,000 for reporting the vulnerability to Google as part of its Chromium Security Reward programme; that exploit along with a low-risk bug that bypassed the pop-up blocker have also been closed. Further details of the vulnerabilities are being withheld until "a majority of users are up-to-date with the fix". Four bugs have also been fixed, including a regression affecting LinkedIn.com and a stats issue related to Mac plug-in crashes.

Details about the security update can be found in a post by Google Chrome Product Manager Karen Grunberg on the Google Chrome Releases blog. Chrome 11.0.696.71 is available to download for Windows, Mac OS X and Linux. Users who currently have Chrome installed can use the built-in update function by clicking Tools, selecting About Google Chrome and clicking the Update button.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1250075
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit