Google fixes 11 Chrome flaws, debuts stable version 7
Patches autofill crash that hacker's could exploit
Computerworld - Google patched 11 vulnerabilities in Chrome on Thursday as it updated the browser to version 7.
The security update was the fourth since Sept. 2., when Google first boosted Chrome 6 to the "stable" release, the browser's most polished version.
Only one of the bugs patched in Chrome 7.0.517.43 was rated "critical" in Google's four-step threat scoring system, with five tagged as "high." Three others received the "medium" label, while two were pegged as "low."
Google paid out only $1,000 in bounties to two researchers who reported a pair of bugs, the least it's awarded since last June.
As usual, Google locked down its bug tracking database to hide technical details of the vulnerabilities. The company usually unlocks access to a flaw several weeks after a patch ships, to give users time to update before the information goes public.
Other browser makers, including Mozilla, do the same.
The single critical vulnerability was tersely explained as a "browser crash with form autofill." Chrome's developers added autofill only last August. The time-saving feature automatically enters the user's name, address, phone number, e-mail address and credit card number in various Web site forms.
The company's made good on that with Chrome 7, which moved to the stable "channel" -- Google's term for its release editions -- seven weeks after Chrome 6's debut.
Google touted other changes to Chrome that apply to developers -- including full AppleScript support on the Mac and a revamped HTML5 parser -- and said that version 7 also boasted fixes for "hundreds" of non-security bugs.
According to Web metrics company Net Applications, Chrome accounted for 8% of all browsers used last month. At its current pace, Chrome will pass the 10% milestone by the end of the year.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Desktop Apps White Papers | Webcasts