Google Chrome 23.0.1271.91 Final Released

Google Chrome 23.0.1271.91 has been updated to the Stable channel for Windows, Mac, Linux, and Chrome Frame platforms. This version fixes no audio from Flash content issue, and Aw, Snap renderer crash issue. This version also address multiple vulnerabilities that may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

For Chrome 23 on Windows, Google enabled GPU-accelerated video decoding by default. Dedicated graphics chips draw far less power than a computer's CPU, so using GPU-accelerated video decoding while watching videos can increase battery life significantly.

You’ll also find it much easier to view and control any website’s permissions for capabilities such as geolocation, pop-ups, and camera/microphone access. This saves you from having to dig through settings pages to find these permissions. Now, simply click on the page/lock icon next to a website’s address in the omnibox to see a list of permissions and tweak them as you wish.

Chrome 23 also includes an option to send a "do not track" request to websites and web services. By the way the effectiveness of such requests is dependent on how websites and services respond, so Google is working with others on a common way to respond to these requests in the future.

Install Google Chrome Stable
To install Google Chrome 23.0.1271.91 Stable (Final) please visit http://www.google.com/chrome website.

Google Chrome 23.0.1271.91

Note: If you’re running the Windows 8 Enterprise, you’ll be able to try Chrome in Windows 8 Modern Style mode by setting it as your default browser.

Google Chrome 23.0.1271.91 (Windows 8 Modern Style)

What's new in Google Chrome 23.0.1271.91 Stable (November 26, 2012)
This release contains the following updates:
  • No audio from Flash content when speaker configuration is set to Quadraphonic (Issue: 159924)
  • Aw, Snap renderer crash on Windows Server 2003 (Issue: 160559)

Security fixes:
  • [$1000] [156567] CVE-2012-5133: Use-after-free in SVG filters. Credit to miaubiz. (High)
  • [$500] [148638] CVE-2012-5130: Out-of-bounds read in Skia. Credit to Atte Kettunen of OUSPG. (Medium)
  • [155711] CVE-2012-5132: Browser crash with chunked encoding. Credit to Attila Szász. (Low)
  • [158249] CVE-2012-5134: Buffer underflow in libxml. Credit to Google Chrome Security Team (Jüri Aedla). (High)
  • [159165] CVE-2012-5135: Use-after-free with printing. Credit to Fermin Serna of Google Security Team. (Medium)
  • [159829] CVE-2012-5136: Bad cast in input element handling. Credit to Google Chrome Security Team (Inferno). (Medium)

Bug outside of Chrome:
  • [$1000] [152746] CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs. Credit to Justin Drake. (High)

Note: Many of the above bugs were detected using AddressSanitizer.

Source:
Google Chrome Stable Channel Update
Google Chrome Blog

No comments: