Chrome 23 Patches 14 Security Flaws

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Google recently released version 23 of its Chrome browser, patching two vulnerabilities for Mac users and 12 vulnerabilites for Windows.

"Six of the vulnerabilities fixed by Google are rated as high and the rest of the bugs are either medium or low severity," writes Threatpost's Dennis Fisher. "Both of the Mac-specific vulnerabilities fixed in Chrome 23 are high-severity flaws, and each one earned a $1,000 reward for security researcher Miaubiz. The highest reward went to a researcher named Phil Turnbull, who reported an integer overflow leading to out-of-bounds read in WebP handling. That earned him $3,500 payment."

"Arguably the biggest addition in Chrome 23 is the support of the Do Not Track (DNT) protocol," writes The Next Web's Emil Protalinski. "Microsoft was the first to announce support for the DNT mechanism in Internet Explorer 9, followed by Mozilla’s Firefox, Apple’s Safari, and Opera. Microsoft is still pushing forward on DNT support, as it is the first to enable the option by default in IE10, while Chrome 23 only now has an option to enable it. Nevertheless, Google giving the green light for DNT in Chrome means all five major browsers now support the standard."

"The update also makes it easier for users to view and control permissions for web sites," The H Security reports. "By clicking on the page/lock icon next to a site's address, users can modify such permissions as geolocation, popups, camera and microphone access, and JavaScript."

"For existing users Chrome 23 will arrive via auto-update," writes Wired's Scott Gilbertson. "Anyone wanting to take the latest stable release for a spin can grab a copy from Google."