Saturday, November 14, 2009

Google Chrome 3.0.195.33

(2009.11.12)

Google Chrome's Stable channel has been updated to 3.0.195.33 to fix a potential issue that could cause Google Chrome to stop working and a security issue.

This release removes a dependency on a Windows library (t2embed.dll) that is not required by Google Chrome. If that library is missing or the user does not have permission to read it, earlier versions of Google Chrome would fail silently.

Security Fix:
CVE-2009-2816 Custom headers incorrectly sent for CORS OPTIONS request

A malicious web site operator could set custom HTTP headers on cross-origin OPTIONS requests.

Severity: Low. The majority of users are unlikely to be impacted by this issue.

Mitigations:
* A victim would need to visit a page under an attacker's control.
* The OPTIONS attribute is not widely supported by servers.

-DOWNLOAD-
Google Chrome 3.0.195.33

No comments:

Post a Comment

Related Posts with Thumbnails