Chrome 15 update fixes high-risk vulnerability
Google has released version 15.0.874.121 of its Chrome web browser to address a high-risk out-of-bounds write vulnerability in the V8 JavaScript engine. As part of its Chromium Security Rewards programme, Google paid security researcher Christian Holler $1,000 for discovering and reporting the hole. Additional details of the vulnerability are being withheld until "a majority of users are up-to-date with the fix".
The maintenance and security update to the WebKit-based browser also upgrades the V8 engine to version 3.5.10.24 and fixes a regression related to SVG in iframes. Chrome 15.0.874.121 is available to download for Windows, Mac OS X and Linux from google.com/chrome. Users who currently have Chrome installed can use the built-in update function.
See also:
- Stable Channel Update, a Google Chrome Releases blog post.
- Chrome 15 brings redesigned New Tab page, closes holes
(crve)