Fails to fix flaws used by Vupen to score sandbox escape, says French security firm
Computerworld - Google on Tuesday patched several vulnerabilities in Chrome, including two a French security company said could be used to bypass the browser's anti-exploit technology.
But Chrome 11.0.696.71, which Google rolled out yesterday to users via its automatic update mechanism, does not patch the flaw that Vupen researchers said earlier this month could be exploited on Windows 7.Tuesday's security update was the second for the Chrome "stable" build -- the most polished version of the browser -- this month.
Google fixed four vulnerabilities in the update, including two rated "critical," the category typically reserved for bugs that may let an attacker escape Chrome's "sandbox." Google has patched five critical bugs so far this year. Read More
