Chrome Browser, OS Updated for Security
Google updates Chrome both the browser and the OS, shelling out $2,000 in bug bounties, but sharing few details.
Are you the lucky recipient of one of Googles CR-48 Chrome OS notebooks? Congratulations, Google is now set to update your operating system for a number of security fixes with Chrome OS version 8.0.552.343.
In addition to Chrome OS, Google (NASDAQ: GOOG) is updating all versions of the Chrome browser, which is the core component of the Chrome OS. The new Chrome browser version 8.0.552.224 includes at least five security fixes, two of which are rated as having high impact.
One of the high impact flaws only affects 64-bit Linux builds of Chrome with a bad validation issue for message deserialization.
The second high impact flaw is a stale point issue in cursor handling, which was reported by researchers Sławomir Błażek and Sergey Glazunov. Google is awarding $1,000 to the two security researchers for discovering the flaw.
Google is also paying $1,000 to researcher Chris Rohlf for a medium impact out-of-bounds read flaw with CSS parsing.
Google pays security researchers for security flaw discoveries as part of the Chromium Security Reward program, which offers a top payment of $3,137 for the most critical types of flaws.
Other security issues patched in the new Chrome updates include a medium impact issue where a bad extension could potentially cause a browser crash in tab handling. Additionally there is a low-impact browser crash issue related to a NULL pointer in Chrome's web worker handling code.
Google is not providing full details about the security flaws fixed in Chrome 8.0.552.224. According to Google's release notes, "the referenced bugs may be kept private until a majority of our users are up to date with the fix." Unlike other operating systems and browsers, Chrome provides a fully automatic updating system for OS and browser updates that is intended to run without user interaction.
Digging into the publicly available notes on the Chrome 8.0.552.224 update, reveals other issues that could also potentially have security impact. One such issue is revision, #68241 which fixes an SSL issue with Google's SPDY protocol. SPDY is an open-source application layer protocol for web acceleration first announced by Google in November of 2009.
"Fix case where a SPDY stream with an un-verified cert would kill the browser if an https:// URL was attempted to be fetched across it," Google's revision notes state. "Also fix a bug where when two SSL connections are made, but only one is moved into a SPDY session (because the second is redundant), close the redundant connection."
Google's notes go on to state that the redundant connection had been leaking an un-verified SSL connection, which could then get reused as though it was verified.
The Chrome 8.0.552.224 update is the first security update for the stable build of Chrome since Chrome 8 was first released as a stable release at the beginning of December.
Follow eSecurityPlanet on Twitter.