X

Google issues, then reissues Chrome security fix

The newest mainstream version of the open-source browser had two security fixes, but Google had to reissue the patch after it caused crashes.

stephenshankland.jpg
stephenshankland.jpg
Stephen Shankland principal writer
Stephen Shankland has been a reporter at CNET since 1998 and writes about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science Credentials
  • I've been covering the technology industry for 24 years and was a science writer for five years before that. I've got deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and other dee
Stephen Shankland

Google fixed security holes with a new release of its stable version of Chrome--then released a replacement shortly afterward to prevent a batch of crashes that turned up as well.

Chrome 1.0.154.64 (download) emerged Tuesday and was intended to fix one critical security problem and one high-severity one. On Thursday, came 1.0.154.65 to fix a crash during startup that affected "a small percentage of users," said Chrome Program Manager Mark Larson.

With the first problem, an attacker under some circumstances could run attack software with the same privilege as the computer user.

With the second, an issue handling 2D graphics could potentially allow a specially crafted image to crash a tab and run an attacker's code within Chrome's sandbox security isolation system.