The Mac Security Blog
Google has updated its Chrome web browser for three high-risk vulnerabilities, bringing the program to version number 16.0.912.77. Google’s release notes point out that one of the bugs, regarding Safe Browsing navigation, “was fixed in 16.0.912.75 but accidentally excluded from the release notes,” so this release actually mentions four vulnerabilities, but only actually fixes three of them.
The Chrome browser auto-updates on Mac OS X, so you don’t have to worry about downloading a new version.
It was only three weeks ago that Google updated their Chrome web browser for a number of security flaws. The company has released another update, addressing three high-risk issues, and incrementing the version number to 16.0.912.75. None of these issues are serious enough to lose sleep over, but sometimes even the smallest vulnerabilities can be exploited.
As always, Chrome will update itself, so no need to worry about downloading anything on your own. Full information about the security fixes in the update is available here.
Google has released an update to the company’s Chrome web browser, moving it to version 16.0.912.63, patching 15 vulnerabilities along the way. Some of these are rated “high” risk, but none are serious enough to cause users to worry. As always, the Chrome browser updates automatically, even if it’s not running. When we just checked in our Applications folder, we found that the version number of the Chrome application matched this new version.
Google has updated its Chrome web browser to version 15.0.874.121, to fix a high-risk vulnerability which could lead to an out-of-bounds memory write in the browser’s JavaScript engine. The update also contains a number of bug fixes.
Users can update their version of the browser by launching the program, or restarting it, and using the transparent auto-updater it contains.
Google has announced that the company is introducing encrypted searches. This means that, as the service is rolled out, your Google searches will be redirected to https://www.google.com, if you are signed into a Google account. The https version is encrypted using SSL, which means that the search terms you send to Google, and the results you receive, will be sent encrypted. (If you’re not signed into a Google account, you can simply load Google’s SSL page by using this URL: https://www.google.com/.)
In most cases, this won’t make any difference, but this prevents malicious users from sniffing network traffic and discovering what you search for. If you’re on a public Wi-Fi network, this is relatively easy to do, and someone watching network traffic could learn sensitive personal information about you by seeing what you search for.
You may not see this change right away, as Google has said this will occur “over the next few weeks.”
For more about how SSL works, see this Google support document.
Google has updated its Chrome web browser to the memorable version number 14.0.835.163, and, in the process, has patched a total of 32 security flaws. These bugs are rated low to high, with none getting the worry-inducing “critical” rating. Some of the bugs fixed include:
- Possible URL bar spoofs with unusual user interaction
- Insecure lock file handling in the Mac installer
- URL bar spoof with forward button
- Out-of-bounds read with Tibetan characters
As can be seen from these and others on Google’s web page, none of these are deal-breakers, but it’s important to realize that even seemingly small issues can have repercussions where security is concerned.
Launch Google Chrome to run the program’s built-in updater.