Google plugs three high-risk holes in Chrome 20

The bugs fixed by Google include use-after-free in counter handling, user-after-free in layout height tracking, and bad object access with JavaScript in PDF.

The firm doled out its usual bug bounties, awarding $2,000 to “miaubiz” for help with the first two, and nothing to Alexey Samsonov for help with the third bug because he works for Google.

Google said that “many of these bugs were detected using AddressSanitizer.” How many is many? Two...

The company also announced the arrival of Chrome 20 for Chrome OS. The build contains a number of security and stability improvements, including support for Google Drive, offline support for Google Docs, firmware update for Chromebook Series 5 550, updates to Pepper Flash, introduction of redesigned UI to Cr-48 systems, switch to open source touchpad drive on Cr-48 systems, and crash fixes.

Earlier this week, Google unveiled a beta version of Chrome 21 with a fully sandboxed version of Adobe Flash, observed Dennis Fisher on Kaspersky Lab’s threatpost blog.

Comments from the Slack Space...
Maybe Alexey Samsonov should become an independent researcher so he can earn bug bounties?


What’s Hot on Infosecurity Magazine?