Chrome 19 Patches Over 20 Security Flaws
For the browser update, Google paid security researchers $7,500 in bug bounties.
Google's recently-released Chrome 19 patches more than 20 flaws, including eight high-severity vulnerabilities.
"This is a major update to Chrome, relative to the recent ones that Google has pushed out," notes Threatpost's Dennis Fisher. "The company updates Chrome on a frequent basis, essentially whenever there are even two or three vulnerabilities to be fixed. But in this release, Google fixed 21 vulnerabilities, with ... a large number of high-risk flaws among them."
"[The] vast majority of all these errors are memory related flaws," writes InternetNews' Sean Michael Kerner. "These are the same type that Google fixes every patch cycle. No they are not diminishing in number either, which leads me to speculate that there is a never ending fountain at the Googleplex that spews out memory flaws for researchers to pluck for cash rewards. Either that, or Chrome's underlying memory management is just insecure by architecture."
"For Chrome 19, Google paid security researchers a grand total $7,500 in rewards as part of its bug bounty program," writes ZDNet's Emil Protalinski. "The last $2,000 went to two rewards for vulnerabilities that applied to Chrome as well as other applications. The total payout is really just a drop in the bucket for Google given that the search giant recently quintupled its maximum bug bounty to $20,000."
"Users are advised to immediately download and install the latest variant to ensure that they are protected against malicious cyber operations that may leverage the recently patched security holes," writes Softpedia's Eduard Kovacs.