22 Feb 2013
Chrome launched today a new version of the highly-popular browser today. The update includes improvements and new features for developers, but also addresses some security issues in version 24.
Among the most notable security fixes are issues with web audio note (CVE-2013-0879), a use-after-free vulnerability in database handling (CVE-2013-0880) as well as an issue that causes bad memory access with excessive SVG parameters (CVE-2013-0882)
“We’ve also resolved a high severity security issue by disabling MathML in this release. The WebKit MathML implementation isn’t quite ready for prime time yet but we are excited to enable it again in a future release once the security issues have been addressed,” reads the release note on the Chrome Blog.
Given the severity of the flaws in version 24.0.1312.57, you are advised to apply the update immediately by typing chrome://chrome/ into your browser’s address bar. While you’re at it, you should also revise the extensions you have installed by pointing the browser to chrome://extensions/ and removing any one you’re not familiar with or you haven’t installed voluntarily. Earlier this week, a malicious campaign targeted Chrome users with a malicious extension that arbitrarily likes Facebook pages.