The updated Chrome browser release – version 10.0.648.205 for Windows, Mac, Linux and Chrome Frame – includes security fixes for three vulnerabilities. Google paid out a total of $1500 to two individuals for identifying two of the three bugs. The remaining bug was identified by a member of the Chrome security team.
All three vulnerabilities were classified by Google as “critical”.
As per Google’s usual process, details on the vulnerabilities have not been made public until users have a chance to update their browsers.
The release contains a new version of Adobe Flash Player. Google’s update for the media plug-in came one day before Adobe issued its own fix for a recently disclosed zero-day vulnerability (CVE-2011-0611), which was made available today.