Google Chrome fixes seven high-risk vulnerabilities
Google has announced updates to the Stable and Beta channels of their Chrome browser, fixing several bugs and twelve security vulnerabilities. Seven of the twelve security fixes were classed as high-risk problems and Google paid a total of $6000 to the researchers who discovered the bugs.
The update also includes a new version of the bundled Flash Player. Adobe have revised the Flash Player advisory from the end of March to include fixes for a Chrome/Flash only pair of memory corruption issues listed as CVE-2012-0724 and CVE-2012-0725. Given that these issues only affect Chrome and Chrome manages its own update, it is unlikely that Adobe will be reissuing or updating the advisory or patches for other browsers and platforms.
The seven high risk vulnerabilities are bugs that left several Chrome components open to being exploited by using memory after it had been freed. Many of these issues are detected using AddressSanitizer. The Chrome developers have also fixed several cross-origin problems and two issues where the browser could be exploited to read from memory where it shouldn't. Details of these vulnerabilities are not available yet as Google usually gives the updates some time to roll out before it publishes further information. This is done to prevent attackers from reverse engineering the vulnerabilities before the updates have a chance to reach all affected systems.
Changes in this update that are not security-related include several graphics and HTML Canvas fixes. The developers have also remedied problems with CSS rendering and bugs in the browser's UI.