Released stable version of Chrome 30 browser, eliminating the 5 vulnerabilities

Posted: October 16, 2013 in IT Security News
Tags: , , ,

Google ChromeThe flaws allowed malicious user to bypass certain security restrictions and compromise a vulnerable system.

Google has released the stable version of Chrome 30 browser for Windows, Mac, Linux and Chrome Frame. The new version of the browser contains some fixes for vulnerabilities allowing malicious people to bypass certain security restrictions and compromise a vulnerable system.

The main new feature in Chrome 30 is the built-in browser beta version of QuickOffice for editing Word and Excel. In addition, the new version also supports multiple accounts for the popular web-platforms, including platforms for Google.

The developers have improved the sensory functions of the browser for a more comfortable user experience tablets. From now on will work better and sandbox for Native Client.

We recommends that users install the new version of Google Chrome as soon as possible. Install the latest version 30.0.1599.101 with the manufacturer’s website: https://www.google.com/chrome

Multiple vulnerabilities in Google Chrome

Danger: High
The presence of fixes: Yes
The number of vulnerabilities: 4

CVE ID:
CVE-2013-2925
CVE-2013-2926
CVE-2013-2927
CVE-2013-2928

Vector of operation: Remote
Impact:
– Security Bypass;
– System compromise.

CWE ID: CWE-119: Buffer Errors

Affected products: Google Chrome 30.x

Affected versions: Google Chrome to version 30.0.1599.101.

Description:

Can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

1. The vulnerability is caused due to an error of use after the release of XHR. This can be exploited to compromise a vulnerable system.

2. An error use after release during editing. This can be exploited to compromise a vulnerable system.

3. An error use after release when processing forms. This can be exploited to compromise a vulnerable system.

4. The vulnerability is caused due to two unknown errors. Details were not disclosed vulnerability.

Link:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s