In association with heise online

05 June 2013, 10:41

Security update for Chrome 27

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Google Chrome Security icon Google has posted a security update for its Chrome browser and Chrome Frame platform. The update fixes one security vulnerability rated as critical, nine rated as high and one rated as medium. There was also a rollup set of fixes included as a high severity flaw which contained bugs found through auditing, fuzzing and other in-house security processes.

The critical hole, memory corruption in SSL socket handling, and one of the high rated holes, didn't result in any bounty being paid, but the remaining eight high and medium severity holes saw nearly $10,000 being paid out. One high severity flaw, a use-after-free problem with workers access database APIs, earned $1,337, an amount that typically identifies a particularly interesting problem being identified, but this was not the largest bounty paid. That went to a Windows-only problem where bad handles were being passed to the renderer and earned the discoverer, Colin Payne, $2,000.

Existing installations of Chrome on Windows, Mac OS X and Linux should update automatically. Other users can download the browser or the Chrome Frame IE plug-in from Google.



  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit