Google updates Chrome to 49.0.2623.108 to fix security bugs

Mar 25, 2016 16:05 GMT  ·  By

Google has updated the stable version of Chrome to 49.0.2623.108, applying five bug fixes, one of which addresses a bug discovered at this year's Pwn2Own hacking competition, held in Vancouver, Canada, a week ago.

During the contest, two teams tried to hack Chrome. The first was Qihoo's 360Vulcan Team, which was successful and won $52,500 (€47,000). The second was South Korean hacker JungHoon Lee (lokihardt), who tried on the second day but failed.

Despite being successful, the exploit used by 360Vulcan was deemed a duplicate, as someone had already discovered it prior to the contest's start. On the other hand, Lee's bug was an original find, even if it didn't work in the 15-minute window he had at Pwn2Own to use it.

The Chrome team was on hand to record the events and get details about each exploit. Now, a week later, the company is issuing a fix for the latter issue, which Google's developers revealed to be a buffer overflow in libANGLE, a library used for the browser's graphics processing features.

Google also fixed four other high-severity issues

Along with Lee's bug, Google has also fixed three other security issues reported by independent researchers and a bug discovered by its own security audits (CVE-2016-1650).

Wen Xu from Tencent KeenLab discovered an out-of-bounds read in Chrome's V8 engine (CVE-2016-1646), for which he was awarded $7,500 (€6,700).

Two other bugs were attributed to "anonymous" researchers, who helped Google fix a use-after-free issue in the Navigation component (CVE-2016-1647) and another use-after-free issue in the Extensions component (CVE-2016-1648). The first bug brought in a reward of $5,500 (€4,900), while the second received $5,000 (€4,500).

Google Chrome 49 was released at the start of the month and fixed 49 security issues, for which Google paid $51,000 (€45,600) to security researchers.

Users can use Chrome's built-in updater to upgrade their browser, and they can download the most recent version of Chrome from its homepage, or from Softpedia's Google Chrome download mirrors for Linux, Mac OS X and Microsoft Windows operating systems.