Google is updating its Chrome web browser to version 14, providing security fixes and new features.
Google Chrome 14.0.835.202 is now available for Windows, Mac and Linux and fixes 32 flaws. Of those flaws, Google has rated 15 of them as being high-risk, 10 as medium and seven as low risk. In total, Google is paying out $14,337 to security researchers as part of the Chromium Security Award program for reporting flaws to Google that were fixed in Chrome 14.
The fixed high risk flaws in Chrome include use-after free memory vulnerabilities with plug-in handling, Ruby, the focus controller, document loader and tables style handling. Use-after-free errors occur when a function continues to hold onto a memory location even after an operation has been completed. An attacker can potentially make use of the same memory location then to launch arbitrary code.
The Chrome 14 update also fixes high-impact issues with the v8 JavaScript engine including type confusion in v8 object sealing, a cross-origin bypass issue and off-by-one flaw in v8.
Google has also fixed multiple URL bar spoofing issues in Chrome 14 of varying severity.
While having a 32 flaw fix update might seem like a lot, Google noted in its Chrome 14 release notes that there were more flaws that were fixed during the development process for Chrome 14. Google thanked the Microsoft Java Team and Microsoft Vulnerability Research (MSVR) as well as Apple among others for working with the Google Chrome team during the development process to prevent bugs from reaching the stable release.
You can download the new version using following link:
Download Link