Mountain View search engine giant Google has released Chrome 2.0.172.31 on the stable channel, update that is meant to address two security issues that Google discovered were affecting WebKit. The update is nothing too spectacular if you keep in mind that the security rating Google issued for these vulnerabilities are high and medium, but if you want to stay safe and protected, then you are very well advised to update.

The security vulnerabilities in question are “CVE-2009-1690 Memory corruption” which has been give the rating “high” as it could allow an person with malicious intent to run arbitrary code within Chrome’s sandbox, and “CVE-2009-1718 Drag and drop information leak” which has been rated as “medium” as it may allow an attacker to read data that belongs to another site if the user is fooled into selecting and dragging data on an attacker controlled site.

The official description of these two security vulnerabilities is provided by Google Chrome Program Manager, Mark Larson, below:

CVE-2009-1690 Memory corruption
A memory corruption issue exists in WebKit's handling of recursion in certain DOM event handlers. Visiting a maliciously crafted website may lead to a tab crash or arbitrary code execution in the Google Chrome sandbox. This update addresses the issue through improved memory management.

CVE-2009-1718 Drag and drop information leak
An issue exists in WebKit's handling of drag events. This may lead to the disclosure of sensitive information when content is dragged over a maliciously crafted web page. This update addresses the issue through improved handling of drag events.

It must be said that this is the first update Google’s development team has released since Chrome 2.0 reached stable version at the end of May. At the time, Chrome 2.0 was touted not only as being capable of providing the most user requested features, but also of providing a 30% speed increase (details here).

If you would like to get Chrome 2.0, a download location is available here.