/>
X

Google fixes severe vulnerabilities in Chrome browser update

Google's latest Chrome update patches critical issues resulting in cash rewards for researchers.
charlie-osborne.jpg
Written by Charlie Osborne, Contributor on

Google updated the Chrome browser on Tuesday with a round of security fixes which patch up three critical issues.

screen-shot-2016-03-10-at-09-05-21.jpg

According to a post on the Chrome releases blog, the latest stable release for Chrome, version 49.0.2623.87 for Windows, Mac, and Linux, includes fixes for a number of vulnerabilities discovered by security researchers.

The first major security issue, CVE-2016-164, is a type confusion vulnerability which impacts Blink, a rendering engine used by Google Chrome.

The researcher earned themselves $5000 for submitting their findings.

The second critical flaw, CVE-2016-1644, also affects Blink. This security issue is a use-after-free vulnerability, a memory corruption problem which may allow attackers to execute remote code, and has been deemed serious enough to warrant a reward of $3500.

The third vulnerability, CVE-2016-1645, is an out-of-bounds write issue in PDFium, Google's PDF library which was given to the open-source community in 2014. The issue was discovered and submitted by a researcher working alongside HP's Zero Day Initiative, and if a reward is involved, it has not been disclosed.

As usual, Google is keeping its mouth closed on the specific, technical nature of these vulnerabilities until the "majority" of uses have downloaded and installed the update.

"We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed," the tech giant notes.

Users can visit the Chromium security page for more information.

Top tips to stay safe on public Wi-Fi networks

Read on: Top picks

Related

CERN is firing up its Large Hadron Collider at record energy levels, in search of dark matter
cern-photo-202011-145-2.jpg

CERN is firing up its Large Hadron Collider at record energy levels, in search of dark matter

Innovation
This is the ultimate security key. Here's why you need one
Yubikey 5C NFC

This is the ultimate security key. Here's why you need one

Security
He flew American Airlines, she flew United. For both, the unthinkable happened
screen-shot-2022-06-30-at-10-14-36-am.png

He flew American Airlines, she flew United. For both, the unthinkable happened

Business