Minor Security Update Comes to Chrome Browser

The Chromium team over at Google has released a small but important update to the Chrome browser for PC, Mac and Linux today that users will want to make sure they have installed.  The updated build is version 49.0.2623.87 for those keeping score at home and while it doesn’t bring any new features, it does close a few security holes that were in the first Chrome 49 build released last week.

Specifically, this update addresses three flaws that Google outlined in the post announcing the update:

[$5000][589838] High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
[$3500][590620] High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.

[587227] High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP’s Zero Day

Chrome OS



While none of the items were considered to be critical, they were high enough for the company to release an update mid-cycle.  That means you probably should take it seriously too.  The update is already being pushed out and it is likely that you have already received the update.  You can check by going to Settings>About in the browser where you can find the build you are on and this action will force the browser to go look for an update.
As these releases tend to go, the update today is only for the browser version of Chrome.  Users of Chrome OS and Chrome on Android will likely see an update later this week to reflect these updates on those platforms.
%d bloggers like this: