Google is updating its stable version of the Chrome browser for Linux, Mac, and Windows, fixing at least nine security vulnerabilities. Only one of the vulnerabilities in Chrome 6.0.472.59 is rated by Google as being "critical" -- the highest threat level Google assigns to vulnerabilities -- although six of the fixes carry a "high" rating, the next-most severe level.
The Chrome 6.0.472.59 update comes as Google (NASDAQ: GOOG) continues to push forward on the development of its Chrome 7 browser and as rivals Mozilla Firefox and Microsoft Internet Explorer race to finish their own next-generation Web browsers.
The single critical fix in Chrome 6.0.472.59 is for a flaw that affects only the Apple Mac version of Chrome. As of press time, Google has not disclosed publicly the flaw's details.
Of the flaws rated as having a potentially high impact by Google, the search giant credited a security researcher working under the alias "kuzzcc" with having reported five of the vulnerabilities. In total, Google said it would be awarding $2,500 to kuzzcc for the discovery of the flaws as part of the Chromium Security Award initiative, which pays out cash rewards for security disclosures.
Kuzzcc reported a memory corruption issue in Chrome's Geolocation, as well as a race condition -- an error related to event sequencing -- in console handling, according to Google.
Additionally, kuzzcc reported a pair of use-after-free issues with SVG