Chrome 25 Fixes 22 Security Vulnerabilities

Google’s latest version of their Chrome browser – version 25 – has been  promoted to the ‘Stable Channel’ and includes a few new items –

  • Improvements in managing and securing your extensions
  • Better support for HTML5 time/date inputs
  • JavaScript Web Speech API support
  • Better WebGL error handling
  • And lots of other features for developers



The new release also saw 22 vulnerabilities receive a fix, 20 of which were general and 2 which only affected the Linux and Mac versions.

Some of the vulnerabilities discovered earned bug bounties (a total of $3,500) for those that found them as detailed below:

  • [$1000] [172243] High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
  • [$1000] [171951] High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
  • [$500] [167069] Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [165432] High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
  • [$500] [142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.

You can learn more about all the vulnerabilities that were discovered by visiting Google’s Chrome update page at

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind