Google Chrome turns version 6 on its second birthday
On the second anniversary of the release of the first beta version of Chrome, Google has released version 6 of its Chrome web browser into the stable and beta channels. The update includes a refreshed user interface, autofilling of forms, extension and autofill synchronisation and improvements to speed and stability.
The update, which moves the full version number up to 6.0.472.53, also includes a range of 17 security fixes to close a number of critical holes in the browsers security. The holes, rated as "high" bug Google include errors in handling integers in WebSockets, stale pointer issues with SVG filters, a use-after-free problem in Notifications and various memory corruption issues. Other lower priority fixes include fixing a popup blocker bypass and stopping homographic attacks on the URL bar.
As part of its Chromium Security Reward programme, launched earlier this year, Google has been rewarding those reporting security vulnerabilities. In total, Google has awarded more than $4,000 to those who discovered the above exploits in its browser, including Sergey Glazunov, kuzzcc, Keith Campbell, Isaac Dawson and Ashutosh Mehra and Vineet Batra of the Adobe Reader Sandbox Team.
Further details of the vulnerabilities are being withheld until "a majority of users are up-to-date with the fix". All users are encouraged to update to the latest release as soon as possible. More details about the Stable and Beta channel update can be found in a post on the Google Chrome Releases Blog.
Chrome 6.0.472.53 is available to download for Windows, Mac OS X and Linux from google.com/chrome. Users who currently have Chrome installed can use the built-in update function by clicking Tools, selecting About Google Chrome and clicking the Update button.
- Back to the future: two years of Google Chrome, a Google Chrome Blog post.
- Google's security team redefines "responsibility", a report from The H.
- Google invites attacks on Chrome, a report from The H.