There is a security update from Google for its Chrome operating system on Android devices, resolving seven medium-risk vulnerabilities.
The update strengthens Chrome for Android’s sandbox technology as well as resolving seven other moderate bugs, said software engineer Jay Civelli on the Google Chrome Blog. The fix is available for users of Android 4.0 (Ice Cream Sandwich) and 4.1 (Jelly Bean).
Specifically, the update fixes two medium-rated bugs reported by Artem Chaykin for which he received a total of $1,000 in rewards. The first fixes an issue with information and credential disclosure by file:// URLs and the second resolves a problem with current-tab cross-application scripting (UXSS).
Google shipped these updates on the same day that Jon Oberheide of Duo Security published a blog presenting the findings of their X-Ray projects, which revealed that more than half of Android devices contain vulnerabilities that attackers could exploit to take complete control of user’s devices.