![[+]d'ZheNwaY's Blog[+]](http://feeds.feedburner.com/blogspot/YRtWp.1.gif)
Summary: The new Google Chrome version 14.0.835.202 also contains Adobe Flash Player 11, a software update that includes several security and privacy goodies.
Google has shipped another Chrome browser update with fixes for several “high-risk” security vulnerabilities that expose Windows, Mac OS X and Linux users to malicious hacker attacks.The new Google Chrome version 14.0.835.202 also contains Adobe Flash Player 11, a software update that includes several security and privacy goodies.
As part of its bug bounty program, Google spent about $10,000 to buy the rights to the vulnerability information from security researchers.
Details on the vulnerabilities:
- [$1000] High CVE-2011-2876: Use-after-free in text line box handling. Credit to miaubiz.
- [$1000] High CVE-2011-2877: Stale font in SVG text handling. Credit to miaubiz.
- [$2000] High CVE-2011-2878: Inappropriate cross-origin access to the window prototype. Credit to Sergey Glazunov.
- [96150] High CVE-2011-2879: Lifetime and threading issues in audio node handling. Credit to Google Chrome Security Team (Inferno).
- [$4500] High CVE-2011-2880: Use-after-free in the v8 bindings. Credit to Sergey Glazunov.
- [$1500] High CVE-2011-2881: Memory corruption with v8 hidden objects. Credit to Sergey Glazunov.
- [98089] Critical CVE-2011-3873: Memory corruption in shader translator. Credit to Zhenyao Mo of the Chromium development community.
This latest Chrome patch is being delivered via the browser’s silent update mechanism.
Tidak ada komentar:
Posting Komentar