Google patches 37 security issues in Chrome

By
Google patches 37 security issues in Chrome

Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.

Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.

The critical vulnerability (CVE-2017-15407) was an out of bounds write in QUIC (Quick UDP Internet Connections), which was reported by Ned Williamson on 26 October earning him US$ 10,500.

The six patched vulnerabilities that are rated high (CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412 and CVE-2017-15413) cover three specific problems, heap buffer overflow in PDFium, out of bounds write in Skia and use after free in libXML. These were all reported in September and October and earned the bug bounty hunters between US$ 5,000 and US$ 6,337 for their effort.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

Hackers using brute-force attacks to infiltrate e-mail systems protected by MFA

Hackers using brute-force attacks to infiltrate e-mail systems protected by MFA

Re-designed Gmail poses new potential threat to 1.4 billion users

Re-designed Gmail poses new potential threat to 1.4 billion users

GitHub now warns you about flaws affecting your Python code

GitHub now warns you about flaws affecting your Python code

My Health Record: the case for opting out

My Health Record: the case for opting out