New update Chrome 23.0.1271.97 with the elimination of critical vulnerabilities

Posted: December 13, 2012 in IT Security News

Google ChromeGoogle introduced an adjustment issue web-browser Chrome 23.0.1271.97, which eliminated six vulnerabilities and represented a portion of bug fixes.

One of the vulnerabilities given the status of a critical problem to bypass all security levels browser. Critical issue (CVE-2012-5142) was detected Google employees and appears in the output of buffer boundaries when performing work on the history of visits.

Three vulnerabilities are classified as dangerous problems: Two vulnerabilities are caused by an appeal to the memory after its release, and one problem is the stack corruption when decoding specially decorated content format AAC. The program for the payment of remuneration on the security for the current release, Google paid $ 4,500 security researchers (one prize, $ 2000, $ 1500 and $ 1000).

Of non-safety issues noted rectification with cutting edges of the text in the popup dialog box with the settings of the site. On Linux, the problem corrected the text in the input sections for some web-based applications, leading to the show of the selected content in white on a white background. Fixed problems with some plug-ins to operate improperly. Some issues specific to the Windows 8 platform. The new version of Chrome also proizvedelno updated version comes with the browser plug-in Adobe Flash, which carried out the work on the bugs.

In addition, we note the emergence of an interesting effect on Monday, which led to massive COLLAPSE browser Chrome When you attempt to synchronize data. The cause of the problem was to change the configuration of the load balancer, which led to the failure of a number of components of the infrastructure Google (for example, there was non-functional in Gmail). In response the system of protection against failures during the synchronization session asked including new quota settings for use on the client side. These quotas are set in relation to the type of information to be synchronized, but in this case was selected using quota for all types at once that it was incorrectly parsed by the browser and led to its collapse.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s