Google released version 51.0.2704.79 of its Chrome browser, a maintenance update for the 51.x branch that fixes 15 security bugs.
Chrome 51.0.2704.79 is only a small release, and Google has introduced it to address problems that allowed attackers to go after the browser’s security features.
Security Patches for Chrome 50
Firefox Security Issues Mitigated
XSS Filter Bypass in Edge
Google Stops Chrome Extension
While Google dealt with 15 security issues, there were two high-level bugs that could allow attackers to bypass the browser’s cross-origin code execution restrictions and run malicious code via the Blink engine and its Extensions component.
Both these issues brought in $7,500 for the researchers who discovered them.
Five other researchers also reported medium-level security bugs, with payouts ranging from $1,000 to $4,000.
These included an information leak and a use-after-free issue in the Extensions component, problems with parameter sanitization in the DevTools package, a use-after-free issue in the Autofill module, and an out-of-bounds memory read in the Skia module.
The rest of security bugs ended up discovered by Google’s employees, and some through the Chromium project.
Because this version is a maintenance release between the 51 and the 52 branches, there are no other game-changing features included in this new version.
Besides the security fixes, Google Chrome 51.0.2704.79 comes with a few bug fixes as well, mainly to address issues that forced a crash of the browser or created issues with its download file paths.