Chrome 33.0.1750.149 is available for download. Google has updated the stable channel of its web browser to address a total of 7 security holes.
Of the 7 vulnerabilities, there are three that stand out. The first, CVE-2014-1700, is a use-after-free issue in speech identified by Chamal de Silva. The researcher has been rewarded with $4,000 (€2,900) for his findings.
The second flaw, CVE-2014-1701, has been reported by aidanhs. The UXSS vulnerability in events has been rewarded with $3,000 (€2,164).
Collin Payne has been rewarded with $1,000 (€7,200) for finding a use-after-free in the web database (CVE-2014-1702). All these vulnerabilities have been cataloged as being high risk.
Google’s internal security team has also contributed to making Chrome more secure. They’ve identified a potential sandbox escape caused by a use-after-free in web sockets (CVE-2014-1703), and various vulnerabilities in V8 (CVE-2014-1704).
Users are advised to update their installations as soon as possible to secure their computers against cyberattacks that might leverage these flaws. It’s worth noting that the latest version of Chrome contains a Flash Player update to version 220.127.116.11. Adobe has pushed out the update to address a couple of vulnerabilities.