Google released Chrome version 44.0.2403.89 for Windows, Mac, and Linux to patch 43 security issues.
Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.
The most critical issues include universal cross-site scripting (UXSS) flaws in Chrome for Android and the Chrome Blink layout engine, heap-buffer-overflow errors, a flaw which allows executable files to run immediately after download and a content security policy (CSP) bypass in the Chrome browser.
As part of Google’s bug bounty program, researchers earned financial rewards based on the severity of the issue. A number of rewards remain up in the air, but the most critical flaws earned researchers cash rewards ranging from $500 to $7500. Around $40,000 went out to security researchers.
In addition to the outsiders finding issues, Chrome’s security team patched a variety of problems based on internal audits and fuzzing.