Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Google adds download defense to Chrome, patches 15 bugs

Gregg Keizer, Computerworld | June 8, 2011
Google on Tuesday updated Chrome to version 12, adding a new tool that warns users when they've downloaded files from dangerous Web sites.

It also supports Adobe Flash's new settings that let users decide if they want sites to track them with Flash cookies, also called "Local Stored Objects" (LOB).

Users can now delete Flash cookies when they clear other browser data by checking an option in Chrome's preferences panel. (The new setting is in the "Under the Hood" section of the panel; to clear LOBs, click the "Clear Browser Data" button beside the Privacy label, and check the "Delete cookies and other site and plug-in data" box.)

IE9 and Firefox already support the LOB-deletion changes to Flash 10.3, but Apple Safari users will have to wait until next month, when Safari 5.1 ships with Mac OS X 10.7, aka Lion.

Tuesday's update also fixed 15 vulnerabilities in Chrome. Six were rated "high," the second-most-severe ranking in Google's threat system; six were ranked "medium"; and three were tagged as "low."

None of the vulnerabilities was pegged as "critical," the category reserved for bugs that may let an attacker escape Chrome's anti-exploit sandbox. Google has patched several critical bugs this year, including two in April.

Four of the 15 vulnerabilities were identified as "use-after-free" bugs, a type of memory management flaw that can be exploited to inject attack code, while two others were labeled "same origin bypass" vulnerabilities. Those bugs could be used to steal sensitive information contained in legitimate sites open in the browser by tricking users into visiting malicious URLs at the same time.

As it always does, Google locked the Chrome bug-tracking database to prevent outsiders from reading up on the patched vulnerabilities. The company bars the public from the database to give users time to update, sometimes waiting months before removing the blocks.

For example, none of the descriptions for the 27 bugs Google patched in late April can yet be accessed by the public.

The company paid out $9,870 in bounties to five researchers who reported eight of the vulnerabilities, including $4,633 to frequent contributor Sergey Glazunov. Another researcher identified only as "miaubiz," took home $3,000 for his or her efforts.

Glazunov was awarded Google's top-money bounty of $3,133 for finding a bug that when accompanied by several lesser vulnerabilities ended up classified by Google as "critical impact."

In January, Glazunov became the first outside researcher to win Google's biggest bounty. So far this year, Google has spent more than $88,000 on bug bounties.

Of the major browser makers, only Google and Mozilla pay bounties to independent security researchers.

Chrome 12 can be downloaded for Windows, Mac OS X and Linux from Google's Web site. Users already running the browser will be updated automatically.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.