Lucene search

K
threatpostDennis FisherTHREATPOST:AA75B6E4705AE9114399B3FA9F780255
HistoryMay 12, 2011 - 5:55 p.m.

Google Fixes Two Chrome Bugs, Adds Flash 10.3 to Browser

2011-05-1217:55:06
Dennis Fisher
threatpost.com
22

EPSS

0.007

Percentile

80.2%

Chrome patchGoogle has released an updated version of its Chrome browser, which includes fixes for two security vulnerabilities as well as a new version of the Adobe Flash player.

The latest version of Chrome is just a small incremental update of the browser, and there were no bugs found by external researchers that qualified for a reward via the company’s bug bounty program. The bugs fixed in Chrome 11.0.696.68 include:

  • [64046] High CVE-2011-1799: Bad casts in Chromium WebKit glue. Credit to Google Chrome Security Team (SkyLined).
  • [80608] High CVE-2011-1800: Integer overflows in SVG filters. Credit to Google Chrome Security Team (Cris Neckar).

The inclusion of Flash 10.3 in Chrome means that Chrome users now have the ability to delete so-called Flash cookies, also known as Local Shared Objects, through the browser. That feature makes it much easier for users to control the way that Flash handles those cookies, which have been the subject of criticism from privacy advocates and security researchers.

“Users now have a simpler way to clear local storage from the browser
settings interface – similar to how users clear their browser cookies
today. Flash Player 10.3 integrates control of local storage with the
browser’s privacy settings in Mozilla Firefox 4, Microsoft Internet
Explorer 8 and higher, and future releases of Apple Safari and Google
Chrome,” Adobe says in its release notes for Flash 10.3.

EPSS

0.007

Percentile

80.2%