Google released Chrome 49 in the stable channel for Windows, Mac and Linux, issuing 26 security fixes.
The new browser release is version 49.0.2623.75 and fixes eight high severity vulnerabilities and five medium issues.
Firefox Update Fixes Flaws
Chrome Expands Safe Browsing
Password Request Warning on Firefox
Security Feature Added to Firefox
Google hasn’t released information on all of the flaws patched in this update, but did say it paid nearly $40,000 in bug bounties, with an additional $14,500 in rewards issued for security bugs present on non-stable channels.
One of the most important vulnerabilities fixed was a same-origin bypass flaw in Blink and a same-origin bypass in Pepper Plugin.
There was also a bad cast in Extensions disclosed by an anonymous researcher.
There were also two use-after-free in Blink flaws.
Google said its internal testers were also responsible for a series of fixes in the new browser release. Among these, the company includes various fixes from internal audits, fuzzing and other initiatives and said multiple vulnerabilities in V8 ended up fixed at the tip of the 4.9 branch (currently 4.9.385.26).
Access to bug details and links end up restricted until the fixes reach a majority of users, with the restrictions remaining in place for bugs that exist in third party libraries that other projects depend on but haven’t yet fixed.