Chrome 18 Updated; Closes Holes

Wednesday, May 2, 2012 @ 11:05 AM gHale


Google released a new update to the stable 18.x branch of its Chrome web browser to close security holes in the application.

The update, labeled 18.0.1025.168, addresses five vulnerabilities, three of which fall into the “high severity” category.

RELATED STORIES
Mozilla Goes Silent with Firefox Update
Opera 12 Beta Boosts Security
Mozilla Blacklists Java Plug-in
Chrome 18 Closes Security Holes

These include use-after-free problems in floating point handling and the XML parser. The AddressSanitizer detected all of these bugs.

As part of its Chromium Security Vulnerability Rewards program, Google paid a security researcher by the name of “miaubiz”, who is number three in the company’s Security Hall of Fame, $1,000 for discovering and reporting one of the float handling problems. The company also fixed two medium risk problems related to IPC validation and a race condition in sandbox IPC.

Further information about the update is in the announcement post on the Google Chrome Releases blog. Chrome 18.0.1025.168 is available to download for Windows, Mac OS X and Linux from google.com/chrome; existing users can upgrade using the built-in update function.



Leave a Reply

You must be logged in to post a comment.