Google this week launched Chrome 99 to the steady channel, including a complete of 28 safety fixes, together with 21 for vulnerabilities reported by outdoors researchers.

9 of the externally reported safety holes are rated excessive severity, most of that are after-use-free bugs affecting elements reminiscent of Forged UI, Omnibox, Views, WebShare and Media.

Google says it has paid a complete of $33,000 in bug bounties for these 5 vulnerabilities, together with $7,000 for every of the primary 4 points and $5,000 for the fifth.

A excessive bug bounty of $10,000 was awarded for the heap-buffer overflow drawback in ANGLE (CVE-2022-0789).

At $15,000, the very best bug bounty was awarded for a medium-severe use-after-free vulnerability in MediaStream. Google additionally supplied a $10,000 reward for a medium-severity coverage enforcement bug within the installer.

Different vulnerability sorts addressed with this browser replace embrace a number of improper implementation flaws, an out-of-bounds learn concern, a kind confusion bug, an information leak vulnerability, and an out-of-bounds reminiscence entry flaw.

Google notes in its advisory that up to now it has paid out greater than $103,000 in bug bounty rewards to outdoors researchers reporting, however has but to find out the bounty for a number of bugs.

The web large made no point out of exploiting these vulnerabilities within the assaults.

The newest Chrome launch is now accessible for Home windows, Mac and Linux customers operating as model 99.0.4844.51.

RELATED: Google Detects Assault Exploiting Chrome Zero-Day Vulnerability

RELATED: Google patches 27 vulnerabilities with the discharge of Chrome 98

RELATED: Google Pays Over $100,000 For Vulnerabilities Patched With Chrome 97 Replace

RELATED: Chrome 97 Patch 37 Vulnerabilities

Ionut Arghire is a world correspondent for SecurityWeek.

Earlier column by Ionut Arghire:
tag:



Supply hyperlink