May
24
2011

Google patches Chrome vulnerabilities

Google on Tuesday patched several vulnerabilities in Chrome, improving the browser's security.

The latest Chrome release, 11.0.696.71, patches two major bugs a French security company said could be used to bypass the browser's anti-exploit technology and get through the sandbox. The fixes were credited to Google's own security engineers. They bring the total amount of "critical" bugs – the category typically reserved for bugs that may let an attacker escape Chrome's "sandbox." – fixed so far this year to five.

One of the remaining pair of flaws was ranked "high" — and got the researcher who reported it a $1,000 bug bounty — while the other was labelled "low" on Google's four-step threat scoring system.

Tuesday's security update was the second for the Chrome "stable" build — the most polished version of the browser — this month.

Chrome 11 can be downloaded for Windows, Mac OS X and Linux from Google's Web site. Users already running the browser will be updated automatically.

Comments are closed.