Update Available on the Stable, Beta and Dev Channel: Chrome 2.0.172.37 and Chrome 3.0.194.3
Article by George Norman
On 20 Jul 2009
Google, the Mountain-view based company that we all know for their search engine, has released an update for the Chrome 2.0 browser. The update, which carries the version number of 2.0.172.37, has been released on the Beta channel and on the Stable channel and is meant to fix some bugs and some security vulnerabilities affecting the software.

Chrome 2.0.172.37 fixes the following bugs”
- Fixed solving CAPTCHA images at Orkut.com.
- Forward and back navigation works even when the user is redirected.
- Some CET locales did not properly recognize daylight savings time. This issue has been fixed.

Advertising

Chrome 2.0.172.37 version changes
- V8JavaScript engine version 1.1.10.14
- Google Gears 0.5.25.0

The Chrome 2.0.172.37 also addresses two security vulnerably affecting the web browser. One has been given the critical rating (run arbitrary code with the privileges of the logged user) while the second has been rated high (attacker might run arbitrary code on the targeted machine within the Chrome sandbox).

An official description of the two security vulnerabilities has been provided by the Google security team, the one who uncovered these security holes:

Critical: Memory corruption in the browser process

A compromised renderer (tab) process could cause the browser process to allocate very large memory buffers. This error could cause the browser process (and all tabs) to crash or possibly allow arbitrary code execution with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.

High: Heap overflow with Javascript regular expressions

Evaluating a specially-crafted regular expression in Javascript on a web page can lead to memory corruption and possibly a heap overflow. Visiting a maliciously crafted website may lead to a renderer (tab) crash or arbitrary code execution in the Google Chrome sandbox.

Google has rolled out an update on the dev channel as well: Google Chrome 3.0.194.3 for Mac and Linux. For the Windows developer, the latest release is Chrome 3.0.193.0. The announcement has been made by Engineering Program Manager with Google, Jonathan Conradt.

“Google Chrome 3.0.194.3 has been released to the Dev channel for Mac and Linux. Windows remains on 3.0.193.1. More details are available in the release notes and the log of all revisions. You can find out about getting on the Dev channel here. If you find new issues, please let us know by filing a bug [here],” said Conradt.

Here are some Chrome 3.0.193.0 for Mac and Linux highlights:
- Saving files should no longer cause the browser to crash.
- Dragging and closing a tab should no longer cause the browser to crash.
- Session info will no longer be lost when you restart Chrome 3.0 for Linux.

And in related news, Google has announced that in order to narrow the window of vulnerability that opens up whenever the company pushes Chrome updates, Google will make all updates smaller in size. Not only does this make the update process a lot safer, it also means that Google can push many more updates per unit of bandwidth.

Software Engineer Stephen Adams explains that all this has been made possible by replacing the existing binary diff algorithm with a new one. “We tried several binary diff algorithms and have been using bsdiff up until now. We are big fans of bsdiff - it is small and worked better than anything else we tried. But bsdiff was still producing diffs that were bigger than we felt were necessary. So we wrote a new diff algorithm that knows more about the kind of data we are pushing - large files containing compiled executables.”

To put things in perspective, here’s how much the update size has shrunk:
Full update: 10,385,920 bytes
bsdiff update: 704,512 bytes
Courgette update: 78,848 bytes



Tags: Google, Chrome, Beta, Stable, Dev, Security
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 21 Jun 2017
Fidget spinners, the toys that the internet loves to hate, have managed to grab Google’s attention. The search engine is offering a virtual fidget on desktop as well as mobile. Simply search for "spinner" and Google Search will bring up a fidget spinner quick answer card.
By George Norman on 09 Aug 2017
Android started out as an underdog, as the mobile operating system that nobody took seriously. Big-name tech companies laughed it off and critics said it would fail miserably, but Android proved them all wrong and become the powerhouse that it is today.
By George Norman on 14 Aug 2017
Opera Max, the Android app that uses compression technology to help you save data and get up to 50% more from your data plan, has been discontinued. The app is no longer featured on Opera.com and it’s no longer listed on Google Play.
By George Norman on 10 Jul 2017
With technology constantly evolving, many devices become obsolete and get replaced with something that's better, smaller, and probably a lot shinier.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Update Available on the Stable, Beta and Dev Channel: Chrome 2.0.172.37 and Chrome 3.0.194.3
HTML Linking Code