Google Chrome 23.0.1271.64 (also now available on the beta channel) has been updated to the Stable channel for Windows, Mac, Linux, and Chrome Frame platforms. This update contains a number of greate new features including GPU accelerated video decoding on Windows and easier website permissions. This release also address multiple vulnerabilities that may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
For Chrome 23 on Windows, Google enabled GPU-accelerated video decoding by default. Dedicated graphics chips draw far less power than a computer's CPU, so using GPU-accelerated video decoding while watching videos can increase battery life significantly.
You’ll also find it much easier to view and control any website’s permissions for capabilities such as geolocation, pop-ups, and camera/microphone access. This saves you from having to dig through settings pages to find these permissions. Now, simply click on the page/lock icon next to a website’s address in the omnibox to see a list of permissions and tweak them as you wish.
Chrome 23 also includes an option to send a "do not track" request to websites and web services. By the way the effectiveness of such requests is dependent on how websites and services respond, so Google is working with others on a common way to respond to these requests in the future.
This version has a new Adobe Flash version v11.5.31.2. More details can be found here.
Install Google Chrome Stable
To install Google Chrome 23.0.1271.64 please visit http://www.google.com/chrome website.
Google Chrome 23.0.1271.64
Note: If you’re running the Windows 8 Enterprise, you’ll be able to try Chrome in Windows 8 Modern Style mode by setting it as your default browser.
Google Chrome 23.0.1271.64 (Windows 8 Modern Style)
What's new in Google Chrome 23.0.1271.64 Stable (November 6, 2012)
This release contains the following updates:
- GPU accelerated video decoding on Windows.
- Easier website permissions.
- Includes an option to send a "do not track" request to websites and web services.
- A new version of Adobe Flash Player. (11.5.31.2)
Security fixes:
- [$3500] [157079] CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP handling. Credit to Phil Turnbull. (Medium)
- [Linux 64-bit only] [$1500] [150729] CVE-2012-5120: Out-of-bounds array access in v8. Credit to Atte Kettunen of OUSPG. (Medium)
- [$1000] [143761] CVE-2012-5116: Use-after-free in SVG filter handling. Credit to miaubiz. (High)
- [Mac OS only] [$1000] [149717] CVE-2012-5118: Integer bounds check issue in GPU command buffers. Credit to miaubiz. (High)
- [$1000] [154055] CVE-2012-5121: Use-after-free in video layout. Credit to Atte Kettunen of OUSPG. (High)
- [145915] CVE-2012-5117: Inappropriate load of SVG subresource in img context. Credit to Felix Gröbert of the Google Security Team. (Low)
- [149759] CVE-2012-5119: Race condition in Pepper buffer handling. Credit to Fermin Serna of the Google Security Team. (Medium)
- [154465] CVE-2012-5122: Bad cast in input handling. Credit to Google Chrome Security Team (Inferno). (Medium)
- [154590] [156826] CVE-2012-5123: Out-of-bounds reads in Skia. Credit to Google Chrome Security Team (Inferno). (Medium)
- [155323] CVE-2012-5124: Memory corruption in texture handling. Credit to Al Patrick of the Chromium development community. (High)
- [156051] CVE-2012-5125: Use-after-free in extension tab handling. Credit to Alexander Potapenko of the Chromium development community. (Medium)
- [156366] CVE-2012-5126: Use-after-free in plug-in placeholder handling. Credit to Google Chrome Security Team (Inferno). (Medium)
- [157124] CVE-2012-5128: Bad write in v8. Credit to Google Chrome Security Team (Cris Neckar). (High)
Bug outside of Chrome:
- [Mac OS only] [$1000] [149904] CVE-2012-5115: Defend against wild writes in buggy graphics drivers. Credit to miaubiz. (High)
Note: Many of the above bugs were detected using AddressSanitizer.
Sources:
Google Chrome Releases
Google Chrome Blog
No comments:
Post a Comment