Google has patched a long list of serious 31 security vulnerabilities in Chrome 34 and paid out more than $28,000 in rewards to researchers who reported bugs to Google.Google Chrome has always been supported by a number of external security researchers, making it more secure and reliable. Even though the company has one of the best minds in the world, they sometimes fail to find the bugs.
These security patches, Google introduced a change in Chrome 34 that will allow users to save passwords in the browser even if they have the autocomplete feature disabled.
Google said, “As we have previously discussed, Chrome will now offer to remember and fill password fields in the presence of autocomplete=off. This gives more power to users in spirit of the priority of constituencies, and it encourages the use of the Chrome password manager so users can have more complex passwords. This change does not affect non-password fields.”
The full list of fixes is below:
- [$5000][354123] High CVE-2014-1716: UXSS in V8. Credit to Anonymous.
- [$5000][353004] High CVE-2014-1717: OOB access in V8. Credit to Anonymous.
- [$3000][348332] High CVE-2014-1718: Integer overflow in compositor. Credit to Aaron Staple.
- [$3000][343661] High CVE-2014-1719: Use-after-free in web workers. Credit to Collin Payne.
- [$2000][356095] High CVE-2014-1720: Use-after-free in DOM. Credit to cloudfuzzer.
- [$2000][350434] High CVE-2014-1721: Memory corruption in V8. Credit to Christian Holler.
- [$2000][330626] High CVE-2014-1722: Use-after-free in rendering. Credit to miaubiz.
- [$1500][337746] High CVE-2014-1723: Url confusion with RTL characters. Credit to George McBay.
- [$1000][327295] High CVE-2014-1724: Use-after-free in speech. Credit to Atte Kettunen of OUSPG.
- [$3000][357332] Medium CVE-2014-1725: OOB read with window property. Credit to Anonymous
- [$1000][346135] Medium CVE-2014-1726: Local cross-origin bypass. Credit to Jann Horn.
- [$1000][342735] Medium CVE-2014-1727: Use-after-free in forms. Credit to Khalil Zhani.
No comments:
Post a Comment