According to Google’s Chrome Releases blog, one of the vulnerabilities is rated critical while two are high-risk. In keeping with their bounty reward program, Google awarded Aki Helin from Finland’s Oulu University Secure Programming Group $1000 for each of his high-risk vulnerabilities:
- Use-after-free in image loading.
- Crashing when printing in PDF event handler.
The update’s only critical vulnerability was an audio bug, a race condition in audio handling, found by contributors to the social news site Reddit while trying to play the HTML5 game Z-Type.
The rest of the vulnerabilities, rated low, ranged from sandbox leaks to minor browser crashes.
Chrome’s recent update also includes support for a fairly new technology, WebGL, which brings new 3D graphics to the browser along with Chrome Instant, a feature that begins loading pages as you type the URL.
Additionally, all users of Chrome now have the ability to access the Chrome Web Store.