ID: IRCNE2011051124
Date: 2011-05-29
According to “TechWorld”, Google patched several vulnerabilities in Chrome, including two a French security company said could be used to bypass the browser's anti-exploit technology.
But Chrome 11.0.696.71, which Google rolled out yesterday to users via its automatic update mechanism, does not patch the flaw that Vupen researchers said earlier this month could be exploited on Windows 7.
Tuesday's security update was the second for the Chrome "stable" build, the most polished version of the browser, this month. Google fixed four vulnerabilities in the update, including two rated "critical," the category typically reserved for bugs that may let an attacker escape Chrome's "sandbox." The two critical vulnerabilities were credited to Google's own security engineers.
Chrome has been resistant to attack, primarily because of its sandbox technology, which is designed to isolate the browser from the rest of the machine, making it very difficult for a hacker to execute code on the computer. For example, Chrome has escaped unscathed in each of the last three Pwn2Own hacking contests. No other browser included in Pwn2Own has matched Chrome's record at the contest.
- 2