Google ChromeGoogle has fixed 3 Chrome security holes, two which were rated as high severity, and the other as medium.

The first issue was in the V8 JavaScript engine, which could “allow specially-crafted Javascript on a web page to read unauthorized memory, bypassing security checks.”

The second issue allows poorly formed XML to crash the browser tab. “A malicious XML payload may be able to trigger a use-after-free condition. Other tabs are unaffected.”

The final bug could allow “sites whose certificates are signed using MD2 or MD4 hashing algorithms … to spoof an invalid site as a valid HTTPS site.”

Thankfully, none of these risks were rated as critical thanks to Google Chrome’s sandbox environment. The update will be pushed out to all current Chrome users.

Comments are closed.