Google Updates Chrome Stable Channel, Introduces Speech Input Feature
by iClass - Thursday, April 28, 2011
The new stable channel also mitigates 27 security vulnerabilities. While 18 of those have been rated as high risk vulnerabilities, 6 have been rated as medium risk and 3 as low risk vulnerabilities. Google's rates security flaws as critical, high, medium and low. High risk vulnerabilities are those, which allow an attacker to read or alter confidential data, execute arbitrary code within sandbox, or interfere with browser security features. The vulnerabilities mitigated include 5 stale pointer issues in float object handling, layering code, drop-down list handling, height calculations, and PDF forms. The security update resolves an integer overflow issue in float rendering and sandbox launcher. The latest patch resolves a Use-after-free issue in DOM id handling and WebSockets.
Usually, researchers qualified in penetration testing and masters of security science identify vulnerabilities. In this case, the security vulnerabilities were identified by researchers affiliated to the Chromium development community, Google security team and other independent security researchers. The developer has doled out a record $16,500 as bounties to security researchers for identifying and reporting security flaws. Google rewards security professionals not affiliated to Google and Chromium development community under the Vulnerability Reward Program. Sergey Glazuno, continues to be one of the major beneficiaries of the program and receives $4,000 for identifying Use-after-free issue in DOM id handling, Dangling pointers in DOM id map and corruption node trees with mutation events.
Software products are prone to vulnerabilities caused by programing or human errors. Attackers always strive to exploit weaknesses to intrude into computer systems and networks. Google has been proactive in mitigating security vulnerabilities. IT professionals may benefit from online university degree and distance learning programs and update their technical skills and know-how.
Developers must also place emphasis on improving cyber security awareness among end-users Security administrators must keep track of security updates, identify and apply necessary patches to mitigate vulnerabilities. Employees may be encouraged to undertake online degree courses on cyber security, participate in e-learning programs and training sessions to improve understanding of security threats and precautionary measures.
EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.
EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.
EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.
Read More Press Releases
‘Hiranandani Business Park, Thane conceptualizes a work culture that goes beyond just businesses’: Niranjan Hiranandani
Mumbai's Development Plan scrapped; hope the new plan will take a holistic view, Niranjan Hiranandani
Get press releases by email