Security update for Chrome 27
Google has posted a security update for its Chrome browser and Chrome Frame platform. The update fixes one security vulnerability rated as critical, nine rated as high and one rated as medium. There was also a rollup set of fixes included as a high severity flaw which contained bugs found through auditing, fuzzing and other in-house security processes.
The critical hole, memory corruption in SSL socket handling, and one of the high rated holes, didn't result in any bounty being paid, but the remaining eight high and medium severity holes saw nearly $10,000 being paid out. One high severity flaw, a use-after-free problem with workers access database APIs, earned $1,337, an amount that typically identifies a particularly interesting problem being identified, but this was not the largest bounty paid. That went to a Windows-only problem where bad handles were being passed to the renderer and earned the discoverer, Colin Payne, $2,000.