Google has shelled out $7,500 to pay for the latest batch of “high-risk” vulnerabilities affecting users of its flagship Chrome web browser.
The vulnerabilities, patches with Google Chrome 7.0.517.44, affects Windows, Mac, Linux and Chrome Frame users. The most serious could lead to remote code execution (drive-by download) attacks.
[ Study: Silent patching best for securing browsers ]
Here’s an outline of the security fixes and bounty payouts:
- [51602] High Use-after-free in text editing. Credit to David Bloom of the Google Security Team, Google Chrome Security Team (Inferno) and Google Chrome Security Team (Cris Neckar).
- [$1000] [55257] High Memory corruption with enormous text area. Credit to wushi of team509.
- [$1000] [58657] High Bad cast with the SVG use element. Credit to the kuzzcc.
- [$1000] [58731] High Invalid memory read in XPath handling. Credit to Bui Quang Minh from Bkis (www.bkis.com).
- [$500] [58741] High Use-after-free in text control selections. Credit to “vkouchna”.
- [$1000] [Linux only] [59320] High Integer overflows in font handling. Credit to Aki Helin of OUSPG.
- [$1000] [60055] High Memory corruption in libvpx. Credit to Christoph Diehl.
- [$500] [60238] High Bad use of destroyed frame object. Credit to various developers, including “gundlach”.
- [$500] [60327] [60769] [61255] High Type confusions with event objects. Credit to “fam.lam” and Google Chrome Security Team (Inferno).
- [$1000] [60688] High Out-of-bounds array access in SVG handling. Credit to wushi of team509.
Google uses a silent/automatic updating utility to patch its Chrome browser.
