We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Google Chrome update fixes high-severity vulnerabilities and patches Flash Player

Google Chrome 17.0.963.56 fixes 12 security flaws and updates the bundled Flash Player plug-in to a new version

Google released a new version of its Chrome browser on Wednesday in order to update the bundled Flash Player plug-in and address serious security vulnerabilities.

Google Chrome 17.0.963.56 fixes 12 security flaws, seven of which are considered high severity, four of medium severity and one of low severity.

Security researcher Jüri Aedla received a special US$1,337 reward for discovering and reporting an integer overflow vulnerability in libpng, the library used by Chrome to process PNG images.

Other high-severity flaws were identified in the browser's PDF codecs, its subframe loading, h.264 parsing and path rendering components, as well as its MKV, database, column and counter node handling code.

In theory these vulnerabilities should be considered critical because they could facilitate the remote execution of arbitrary code on the targeted systems.

However, because Google Chrome has a sandboxed architecture, exploiting these vulnerabilities alone would not provide attackers with the necessary level of access to run malicious code.

Six vulnerabilities patched in this release were discovered with the help of an open-source tool called AddressSanitizer, Google Chrome engineer Jason Kersey said in a blog post on Wednesday.

Chrome 17.0.963.56 also includes a new Flash Player version that Adobe released on Wednesday, Kersey said. The Flash Player update addresses seven critical security flaws.

Google paid a total of $6,837 to security researchers who reported vulnerabilities patched in this release. The company recently expanded its Chromium Security Rewards Program to also cover vulnerabilities found in Chrome OS.


IDG UK Sites

Best Black Friday 2014 tech deals UK: Get bargains on phones, tablets, laptops and more this Black...

IDG UK Sites

Tomorrow's World today (or next year)

IDG UK Sites

25 iOS apps turn (Red) for World AIDS Day campaign

IDG UK Sites

Advanced tips for Mac OS X Yosemite: use Yosemite like an expert - 5 new tips added