The three security vulnerabilities were rated as critical and are associated with the Graphics Processing Unit (GPU) process over use-after-free, off-by-three (Windows only) and heap overflow issues. Critical means that left unresolved they could have allowed an attacker to remotely execute arbitrary code on a victim's computer.
The new version of Chrome will also carry a new version of Flash Player, which Adobe is also releasing today. This fixes a vulnerability that has seen hackers launch attacks using Flash files embedded in Word files sent as email attachments.
Two security researchers were rewarded in their efforts to detect and report the vulnerabilities. For the off-by-three GPU bug yuri.ko616 earned $500. Christop Diehl earned $1,000 for finding the heap overflow GPU bug, while the other vulnerability was found by a member of the Chrome security team.
You can update by downloading the new version from the Chrome website, while current users can also use the built-in update tool. Chrome is rapidly increasing in popularity, and this update is evidence that Google is being proactive with web browser security like its rivals, as it has to be. µ
Sign up for INQbot – a weekly roundup of the best from the INQ