Jump to content

Google issues Chrome security fixes in fresh update


Batu69

Recommended Posts

Google has released an update to cure security flaws including cross-origin bypasses.

phishing-conceptcredsymantec.jpg

Symantec

Google has released a new update for the Chrome browser which cures a number of security problems including two cross-origins bypass flaws and a scheme validation error.

The latest release of the Chrome browser, version 43.0.2357.130 for Windows, Mac, and Linux, includes release notes on four security problems contributed by four third-party researchers. One of the reported flaws, a scheme validation error reported by an anonymous researcher, earned them $5000 as a bug bounty. Other rewards are yet to be decided.

The list of fixes is below:

[464922] High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.

[494640] High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.

[497507] Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.

[461481] Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to Mike Ruddy.

In related news, earlier this month Google boosted bug discovery in Android with the launch of the new Android Security Rewards program. Valid bugs submitted through the program earn a minimum reward of $500, with rewards reaching up to $8,000 for particularly interesting or nasty security flaws.

News source

Link to comment
Share on other sites


  • Views 646
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...