Google Patches 159 Vulnerabilities in Chrome 38
Google updates their Chrome browser extremely, often several times per month, patching security flaws, general issues and improving the overall browser experience. In a Google Chrome update, the company generally patches anywhere from 12 to 15 flaws. In the recent Chrome 38 update, the company has patched a massive 159 vulnerabilities.
Of the staggering 159 patches, 113 of them fix minor vulnerabilities found in the browser, but Google also fixed several high-risk vulnerabilities and one critical flaw earned by a researcher a $27,000 bug bounty reward. The researchers obtained his hefty reward for finding a combination of vulnerabilities in the V8 engine and IPC that would allow an attacker to escape the Chrome sandbox and execute arbitrary code. Researcher Juri Aedla received $27,633.70 for his discovery for reporting it to Google.
In this most recent patch, Google payed out more than $52,000 in bug bounty rewards to researchers who properly reported the vulnerabilities. Among the vulnerabilities that Google patched this Tuesday, four were use-after-free flaws rated at high risk. Two other high-risk vulnerabilities were patched as well, among four medium-rated flaws and one low-risk flaw. Full list of patched vulnerabilities in Google Chrome 38:
[$27633.70][416449] Critical CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox.
[$3000][398384] High CVE-2014-3189: Out-of-bounds read in PDFium. Credit to cloudfuzzer.
[$3000][400476] High CVE-2014-3190: Use-after-free in Events. Credit to cloudfuzzer, Chen Zhang (demi6od) of NSFOCUS Security Team.
[$3000][402407] High CVE-2014-3191: Use-after-free in Rendering. Credit to cloudfuzzer.
[$2000][403276] High CVE-2014-3192: Use-after-free in DOM. Credit to cloudfuzzer.
[$1500][399655] High CVE-2014-3193: Type confusion in Session Management. Credit to miaubiz.
[$1500][401115] High CVE-2014-3194: Use-after-free in Web Workers. Credit to Collin Payne.
[$4500][403409] Medium CVE-2014-3195: Information Leak in V8. Credit to Jüri Aedla.
[$3000][338538] Medium CVE-2014-3196: Permissions bypass in Windows Sandbox. Credit to James Forshaw.
[$1500][396544] Medium CVE-2014-3197: Information Leak in XSS Auditor. Credit to Takeshi Terada.
[$1500][415307] Medium CVE-2014-3198: Out-of-bounds read in PDFium. Credit to Atte Kettunen of OUSPG.
[$500][395411] Low CVE-2014-3199: Release Assert in V8 bindings. Credit to Collin Payne.
Photo credit: Google.com