Google has just released an update (36 version) for Chrome browser. O Google Chrome 36 Stable circulating for Windows, Mac, and Linux. The update fixes security flaws, and brings the latest version of Flash Player.
A total of 12 vulnerabilities are fixed in this release, and some of them were discovered by external security researchers who, as usual, are rewarded for their efforts through the proletterτος bug bounty της Google.
For example, to find the security gap (CVE-2014-3.165), Google paid 2.000 dollars to Collin Payne researcher.
Below are the vulnerabilities that have been fixed.
[398925] High CVE-2014-3166: Information disclosure in SPDY. Credit to Antoine Delignat-Lavaud.
As usual, our ongoing internal security work is responsible for a wide range of fixes:
- [400950] CVE-2014-3167: Various fixes from internal audits, fuzzy and other initiatives.
Many of the above bugs were detected using AddressSanitizer.
You can download it new edition from here, or upgrade directly from your browser by going to chrome: // chrome
