Google fixes another seven serious security flaws in Chrome

By Stuart Sumner
21 Feb 2012 View Comments
data-security-key

Google has released a patch for its Chrome browser that fixes 13 security vulnerabilities, seven of which it has classified as high risk.

If left unpatched, some of the vulnerabilities targeted by the update could allow a malicious party to take remote control of a user's machine, either stealing its information or using it to disseminate spam or malware.

Further reading

The patch also includes a new version of the Adobe Flash player plugin, in order to resolve another security issue.

One of the vulnerabilities found to affect Chrome also affects Mozilla's Firefox web browser. Mozilla has also released an update to address this flaw, saying that it could lead to an exploitable browser crash.

"An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable," wrote Mozilla in a security advisory.

These fixes come just days after Google's last major patch to Chrome, which closed 20 vulnerabilities and also added a detector to scan downloaded executable files for evidence of malware.

Last week, Microsoft released a patch correcting four critical flaws in its Internet Explorer browser.

Browser's are increasingly popular targets for cyber criminals as users commonly make transactions via the web that involve entering sensitive financial details. 

If a browser has been compromised by a malicious party, these details can be seen and taken, which is one of the reasons why browser designers are quick to patch any known vulnerabilities.

Reader comments
blog comments powered by Disqus
Newsletters
Is it time to open Windows?

Computing believes that Microsoft will start offering Windows free of charge by 2017. Is this a good thing for the enterprise?

56 %
15 %
7 %
20 %
2 %