Google updated Chrome to version 37 which patched 50 security bugs, while abandoning a 29-year-old Windows technology to display fonts.
The company also paid out $51,000 in bounties to several outside researchers, including a $30,000 pay day to one bug hunter who reported several critical vulnerabilities.
Google 37 featured patches for 50 vulnerabilities, including several that resulted in bug bounties between $500 and $4,000.
Google rated the flaws as “critical,” its highest threat ranking and one it rarely assigns.
Google almost always reserves the critical rating for vulnerabilities that let attackers escape the browser’s “sandbox,” a primary anti-exploit technology that isolates Chrome from the rest of the operating system and the computer’s storage. Sandboxes should limit any intrusion and prevent hackers from planting malware on the machine.
In addition to the security fixes, “Chrome 37 contains a number of fixes and improvements, including … DirectWrite support on Windows for improved font rendering,” said Alex Mineer, a technical program manager on the Chrome team.
Microsoft introduced the DirectWrite API with Windows 7, which shipped in the fall of 2009, and back-ported the technology to Windows Vista Service Pack 2 (SP2) at the same time with a “Platform Update.” The now-retired Windows XP does not support DirectWrite.
Prior to the switch to DirectWrite, the “Stable” version of Chrome, the most polished version Google offers, used Microsoft’s Graphics Device Interface (GDI), which was a core component of Windows since the graphical user interface’s (GUI) debut in late 1985. Microsoft had been working on GDI for at least two years before that.
Last month, when Google shipped the beta of Chrome 37, another member of the browser team said DirectWrite had been a top request from users for years. An entry in Chromium’s bug tracker — Chromium is the open-source project that feeds code to Chrome — about DirectWrite support goes back almost five years.
Other browsers adopted DirectWrite some time ago. Mozilla’s Firefox, for example, switched from GDI to DirectWrite with version 4, which debuted in March 2011. Microsoft’s own Internet Explorer (IE9) began using DirectWrite with IE9, which shipped the same month.
The lack of DirectWrite support in Windows XP was one of the reasons why IE9 would not run on the even-then-aging OS.
DirectWrite produces sharper text, and generates that text faster because it harnesses the device’s GPU (graphics processor unit), offloading the chore from the CPU.
Last month, Google claimed that users would see “better-looking fonts and increased rendering performance.”
A user can download Chrome 37 from the company’s website. Current users’ copies will automatically update in the background.