Google fixes 11 Chrome flaws, debuts stable version 7
Patches autofill crash that hacker's could exploit
Computerworld - Google patched 11 vulnerabilities in Chrome on Thursday as it updated the browser to version 7.
The security update was the fourth since Sept. 2., when Google first boosted Chrome 6 to the "stable" release, the browser's most polished version.
Only one of the bugs patched in Chrome 7.0.517.43 was rated "critical" in Google's four-step threat scoring system, with five tagged as "high." Three others received the "medium" label, while two were pegged as "low."
Google paid out only $1,000 in bounties to two researchers who reported a pair of bugs, the least it's awarded since last June.
As usual, Google locked down its bug tracking database to hide technical details of the vulnerabilities. The company usually unlocks access to a flaw several weeks after a patch ships, to give users time to update before the information goes public.
Other browser makers, including Mozilla, do the same.
The single critical vulnerability was tersely explained as a "browser crash with form autofill." Chrome's developers added autofill only last August. The time-saving feature automatically enters the user's name, address, phone number, e-mail address and credit card number in various Web site forms.
The company's made good on that with Chrome 7, which moved to the stable "channel" -- Google's term for its release editions -- seven weeks after Chrome 6's debut.
Google touted other changes to Chrome that apply to developers -- including full AppleScript support on the Mac and a revamped HTML5 parser -- and said that version 7 also boasted fixes for "hundreds" of non-security bugs.
According to Web metrics company Net Applications, Chrome accounted for 8% of all browsers used last month. At its current pace, Chrome will pass the 10% milestone by the end of the year.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- The Business Value of Continuous Delivery Download this whitepaper to learn more about the business value of Continuous Delivery and see why it could be a game changer for...
- Ten Factors Shaping the Future of Application Delivery Download this research report conducted by Enterprise Management Associates (EMA) to learn how those that are seeking to accelerate application delivery are leveraging...
- HTTP Status Code Cheat Sheet Look at the Graph, Find the Code and Boom - You're Solving Problems. Identifying and understanding common HTTP status codes can go a...
- Architects lead the next generation of data-driven applications Read this whitepaper to find out how application architects can quickly and confidently deliver long-lasting applications that minimize cost, complexity, and risk while...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All Desktop Apps White Papers | Webcasts