Home > Cyber News > Google Chrome More Secure After 159 Security Flaws Get Fixed
CYBER NEWS

Google Chrome More Secure After 159 Security Flaws Get Fixed

by   |  Last Update:  |  0 Comments  

Google-Chrome-More-Secure-159 Security-Flaws-Fixed159 security issues have been discovered and fixed for the new, now more stable version of Google Chrome.

The combination of IPC (Inter-Process Communication) and V8 vulnerabilities is among the most striking of the bugs discovered on Google Chrome. It could lead to remote code execution outside the sandbox. The person who has discovered it, the researcher Jüri Aedla, has been offered $27,633 as a “thank you” for the good work.

The rewards within the bug bounty program initiated by Google have been recently increased to $15,000 for a sandbox escape bug that is adequately reported.

A significant layer of defense in Google Chrome is the ability to restrict processes running in an isolated environment. This way malware cannot gain persistency on the system, neither it can read arbitrary files on the computer. What’s more important, sandboxed processes, and any eventual bug they are affected by, cannot write to disk.

And the Reward Goes To…

113 out of all 159 bugs found, were minor. They were discovered with the help of MemorySanitizer – a tool that discovers uninitialized memory read in C and C++.

Collin Payne and Atte Kettunen of the Oulu University Secure Programming Group (OUSPG) received $23,000 for their efforts, working together with the Google team on the development cycle to stop further security flaws from reaching the stable version.

Here are other notable bugs which were discovered and fixed:

  • Use-after-free glitches in DOM, Rendering, Events and Web Workers
  • Out-of-bounds read errors in the PDF rendering engine of Chrome

The Google developers have managed to take care of permissions bypass flaw, discovered in Windows sandbox and a data leak in XSS Auditor.

Your Browser Will Switch to the New Release Automatically

The latest release is available for all supported PC platforms and has a built-in automatic update mechanism. In case the browser is not updated as it is started, it will after the user restarts his machine.

Soon after the Chrome update, new versions for other browsers that rely on its engine are to be expected.

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Related posts:
  1. The 10 Funniest Computer Fails, Bugs and Errors As long as there is code, there will always be...
  2. Oracle Has Fixed 270 Security Flaws in Its Products Oracle’s first quarterly critical dose of patches has been released....
  3. Which is the Most Secure Browser for 2020 – Chrome, Firefox, Edge, Safari? MARKET SHARE SECURITY RATING UPDATES FREQUENCY SECURITY PLUGINS SECURITY FEATURES...
  4. CVE-2016-5195, Plenty of Flaws Fixed in Android’s December Bulletin Dirty Cow may sound like someone’s favorite insult but it’s...
  5. Google Fixes CVE-2017-5070, Multiple Security Flaws in Chrome 59 Google just released patches for CVE-2017-5070 and 29 other flaws...
  6. Several High Severity Bugs Fixed in Firefox and Chrome A bunch of critical security vulnerabilities affect Mozilla Firefox browser....
  7. Firefox vs. Google Chrome 2015: Security Flaws Unveiled When a web browser is facing a major update, there...
  8. UFO Giveaway Scam Removal Guide [Free Fix Steps] What Is UFO Giveaway Scam? UFO Giveaway Scam is the...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree