We have some great news for Chrome 61 users. Google started rolling out the new 61.0.3163.100 version of the browser which takes care of three major security flaws. This new version can already be downloaded by Mac, Linux and Windows OS users. Google is very adamant about how much it cares about user security and this constant stream of Chrome 61 security updates confirms that.
The first high-risk bug that plagued Chrome 61 is known as “CVE-2017-5121”. This bug is basically an out-of-bonds access in V8. This information was confirmed by Jordan Rabet who is Microsoft’s Offensive Security Researcher and member of Microsoft’s ChakraCore team. Worth mentioning is that the expert who took care of this issue received a reward that amounts to $7,500.
Google Bounty Program
Google recognizes that some bugs and security breaches are ingenious and that it’s not capable of finding all of them. This is why Google started its bounty program which rewards tech experts who find issues, bugs and malware in Chrome 61’s code. Nonetheless, while this program might not be too conventional, what matters is that its working.
The second security vulnerability which made using Chrome 61 a risk was tracked under the “CVE-2017-5122” name. This vulnerability is also an out-of-bond access in V8. However, this security breach was found on the date of 2017-08-04 by Choongwoo Han who works for the Naver Corporation. The expert who found this bug was rewarded a $3,000 bounty.
Krishna Govind who is an official Google representative confirmed that all of Chrome 61’s security vulnerabilities have been found through programs such as MemorySanitizer, libFuzzer, AFL and AddressSanitizer. Considering that Google managed to get rid of 21 vulnerabilities during this past few months, it’s safe to say that these vulnerabilities tracking programs are working flawlessly.