Google has released a major update for its Chrome browser, fixing 20 security vulnerabilities and including a new feature that scans downloaded executables and warns users if they’re potentially malicious.
The new file-scanning feature is a major upgrade to the way that Chrome handles user downloads. Attackers and malware authors often disguise they’re malicious files to look like legitimate files, giving them identical or similar names to common Windows executables, for example. For users, figuring out which ones are safe and which are dangerous can be a tall order.
Chrome will now check each downloaded executable file against a list of known bad files as well as matching it to a whitelist of known good files.
“If the executable doesn’t match a whitelist, Chrome checks with Google for more information, such as whether the website you’re accessing hosts a high number of malicious downloads,” Noe Lutz, a Google software engineer, wrote in a blog post.
Among the bugs fixed in the newest version of Chrome are eight high-priority flaws. Google paid out $10,500 in rewards to researchers as part of its bug bounty program.
The vulnerabilities fixed in Chrome 17 include:
code.google.com/p/chromium/issues/detail?id=103630
code.google.com/p/chromium/issues/detail?id=104056
code.google.com/p/chromium/issues/detail?id=105459
code.google.com/p/chromium/issues/detail?id=106441
code.google.com/p/chromium/issues/detail?id=108416
code.google.com/p/chromium/issues/detail?id=108871
code.google.com/p/chromium/issues/detail?id=108901
code.google.com/p/chromium/issues/detail?id=109094
code.google.com/p/chromium/issues/detail?id=109245
code.google.com/p/chromium/issues/detail?id=109664
code.google.com/p/chromium/issues/detail?id=109716
code.google.com/p/chromium/issues/detail?id=109717
code.google.com/p/chromium/issues/detail?id=109743
code.google.com/p/chromium/issues/detail?id=110112
code.google.com/p/chromium/issues/detail?id=110277
code.google.com/p/chromium/issues/detail?id=110374
code.google.com/p/chromium/issues/detail?id=110559
code.google.com/p/chromium/issues/detail?id=73478
code.google.com/p/chromium/issues/detail?id=92550
code.google.com/p/chromium/issues/detail?id=93106