Chrome Update Closes Vulnerabilities

Monday, January 28, 2013 @ 01:01 PM gHale


Google released Chrome 24.0.1312.56 to the stable update channel of the open source browser, which closes five security holes, three of which are high severity, and fixes problems with mouse wheel scrolling.

Atte Kettunen of the Oulu University Secure Programming Group in Finland received $1000 for the discovery of a high severity use-after-free vulnerability in the font handling of the HTML5 canvas.

RELATED STORIES
Firefox: Silent Add-ons Possible
Chrome Updated, Fixes Security Holes
Mozilla Closes Critical Holes
Chrome Wards Off BlackHole

Ted Nakamura of the Chromium development community found a Mac OS X-only crash problem with unsupported RTC sampling rates, also rated with a high severity.

The last of the high-severity-rated holes, an unchecked array in Chrome’s content blocking, ended up fixed by the Chrome Security Team. In addition, two medium severity issues also ended up fixed.

The mouse wheel scrolling problem fixed in this update concerned situations where the browser would scroll one pixel per mouse wheel interaction when it was actually set to scroll one screen at a time. Install problems for multiple user setups under Windows when Chrome installed with administrator privileges also ended up fixed.

Chrome 24.0.1312.56 is available for Windows, Mac OS X and Linux, and as the Chrome Frame plugin for Microsoft’s Internet Explorer browser.

All versions of Chrome should update themselves automatically; on some mobile platforms the user will be prompted to perform the update. Chrome uses the open source Chromium browser project run by Google.



Leave a Reply

You must be logged in to post a comment.