Google Chrome update includes 15 security fixes

Google has released Chrome 51.0.2704.79 to address multiple vulnerabilities for Windows, Linux, and OS X. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Chrome update

Ongoing internal security work was responsible for a wide range of patches, and this update includes a total of 15 security fixes. Here are the fixes contributed by external researchers:

  • $7500High – CVE-2016-1696: Cross-origin bypass in Extension bindings. Credit to Anonymous.
  • $7500High – CVE-2016-1697: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
  • $4000Medium – CVE-2016-1698: Information leak in Extension bindings. Credit to Rob Wu.
  • $3500Medium – CVE-2016-1699: Parameter sanitization failure in DevTools. Credit to Gregory Panakkal
  • $1500Medium – CVE-2016-1700: Use-after-free in Extensions. Credit to Rob Wu.
  • $1000Medium – CVE-2016-1701: Use-after-free in Autofill. Credit to Rob Wu.
  • $1000Medium – CVE-2016-1702: Out-of-bounds read in Skia. Credit to cloudfuzzer.

Don't miss