Google updated the stable and beta channels of their Chrome browser, fixing bugs and twelve security vulnerabilities.
Seven of the 12 security fixes were for high-risk problems, and Google paid $6000 to the researchers who discovered the bugs.
The update also includes a new version of the bundled Flash Player. Adobe revised its Flash Player advisory from the end of March to include fixes for a pair of memory corruption issues that affect only Flash in Chrome, listed as CVE-2012-0724 and CVE-2012-0725. Given that these issues affect only Chrome and Chrome manages its own updates, it is unlikely that Adobe will reissue or update the advisory or patches for other browsers and platforms.
The seven high-risk vulnerabilities are use-after-free bugs: several Chrome components used memory after freeing it, which left them open to exploitation. You can find some of the issues using AddressSanitizer. The Chrome developers also fixed several cross-origin problems and two issues where the browser could be exploited to read from memory where it shouldn’t.
Details of these vulnerabilities are not available yet as Google usually gives the updates some time to roll out before it publishes further information. They do this to prevent attackers from reverse engineering the vulnerabilities before the updates have a chance to reach all affected systems.
Changes in this update that are not security-related include several graphics and HTML Canvas fixes. The developers have also remedied problems with CSS rendering and bugs in the browser’s UI.