Upgrade fixes 25 Flaws in Google Chrome
Internet giant, Google has announced a new update for the stable version of its Chrome browser for Windows, Mac and Linux operating system platforms.
The new version 29.0.1547.57 for various platforms will fix at least 25 security flaws in the browser, improve Omnibox search capability and also offer a new browser reset feature. The company has credited four researchers for the discovery of six flaws with the Chrome 29.0.1547.57 release. Three of these flaws were discovered by a researcher working under the name, "cloudfuzzer."
Google awarded $6,174 in reward money to the four researchers while cloudfuzzer alone received $3,000 of the total amount. The company has paid more than $2 million for bug discoveries to the researchers since 2010. Cloudfuzzer detected e separate use-after-free errors in Chrome that affect Extensible Stylesheet Language Transformation (XLST), media elements and document parsing. These flaws allowed researchers to use free memory to launch an attack. Google often finds use-after-free flaws with its own security resources through open-source Address Sanitizer tool.
Security researcher Krystian Bigaj received $1,337 for reporting an incomplete path sanitization issue, Alex Chapman was also given $1,337 for an integer overflow issue and Christian Jaeger was awarded $500 for reporting an information leak issue.