Security & Privacy

The Google team has updated its Chrome web browser to version 22.0.1229.92 for Mac OS X and other operating systems. Security fixes include patches for one high-level vulnerability and one critical vulnerability; these builds fix five vulnerabilities overall. Encouraging scrutiny of its web browser for information about vulnerabilities, Google awarded $4,633.70 in cash to the security researchers who provided information about the security holes covered in this update.

Following are descriptions of the fixed bugs:

• CVE-2012-2900: Crash in Skia text rendering
• CVE-2012-5108: Race condition in audio device handling
• CVE-2012-5109: OOB read in ICU regex
• CVE-2012-5110: Out-of-bounds read in compositor
• CVE-2012-5111: Plug-in crash monitoring was missing for Pepper plug-ins

These builds also have a new version of Adobe Flash Player with security and other fixes to boot. Google’s Chrome browser updates automatically, or you can download Google Chrome to install the newest version.