Client Login
 Quick Contact
High Risk Vulnerabilities in Google Chrome
Category : General 29 Jul 2010 03:36 AM | Industry News
Google has released version 5.0.375.125 of Chrome, a security update that addresses three "high" risk vulnerabilities in its WebKit-based browser. According to the developers, two of the high risk issues could lead to memory corruption while SVG handling or rendering code. A third high risk problem affecting large canvases has also been addressed.
With responsible disclosure, a security researcher privately notifies a software maker of the vulnerability, announcing it only when the software maker has a fix ready. It contrasts with full disclosure, which gives no such grace period but which also lets users of the software know as soon as possible they may be affected. After all, a computer attacker might have discovered the vulnerability independently and could be exploiting it before the software company has a fix prepared.
Also through its program to reward those who find Chrome security holes, Google issued payments to people who found three high-risk vulnerabilities and one medium-risk vulnerability. The final issue, a low-risk problem, elicited no payment.
As per Google’s usual practice, technical details of the vulnerabilities were hidden from public view to prevent attackers from leveraging the information before most users have upgraded.