Google Has Released Chrome 26

A new version of Google’s highly popular browser is out today. To update simply visit the ‘About Chrome’ menu or download the new version. Updates include an enhanced spell checker and support for multiple users on Windows.

The new spell checking feature includes a tweaked dictionary and support for three new languages: Korean, Tamil and Albanian. Changes made to dictionaries are now synced across multiple devices.

Chrome 26 supports grammar checking, proper nouns, homonyms and context-sensitive spell checking – all new enhancements to the browser.

Version 26.0.1410.43 insludes 11 security fixes, two of which were rated high:

  • [$1000] [172342] High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen of OUSPG.
  • [180909] Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google Chrome Security Team (Cris Neckar).
  • [180555] Low CVE-2013-0918: Do not navigate dev tools upon drag and drop. Credit to Vsevolod Vlasov of the Chromium development community.
  • [Linux only] [178760] Medium CVE-2013-0919: Use-after-free with pop-up windows in extensions. Credit to Google Chrome Security Team (Mustafa Emre Acer).
  • [177410] Medium CVE-2013-0920: Use-after-free in extension bookmarks API. Credit to Google Chrome Security Team (Mustafa Emre Acer).
  • [174943] High CVE-2013-0921: Ensure isolated web sites run in their own processes.
  • [174129] Low CVE-2013-0922: Avoid HTTP basic auth brute force attempts. Credit to “t3553r”.
  • [169981] [169972] [169765] Medium CVE-2013-0923: Memory safety issues in the USB Apps API. Credit to Google Chrome Security Team (Mustafa Emre Acer).
  • [169632] Low CVE-2013-0924: Check an extension’s permissions API usage again file permissions. Credit to Benjamin Kalman of the Chromium development community.
  • [168442] Low CVE-2013-0925: Avoid leaking URLs to extensions without the tabs permissions. Credit to Michael Vrable of Google.
  • [112325] Medium CVE-2013-0926: Avoid pasting active tags in certain situations. Credit to Subho Halder, Aditya Gupta, and Dev Kar of xys3c (xysec.com).

[thenextweb]

Comments are closed.