Google has released Chrome Stable 15.0.874.121 for Windows, Mac, Linux and Chrome Frame platforms fixing a single JavaScript flaw. The flaw is identified as CVE-2011-3900 and is rated as being high impact by Google.
The flaw is an out-of-bounds write issue with the Chrome v8 JavaScript Engine. An out-of-bounds write, means that a process has privileges to write, where it should not be able to write. That extra privilege could potentially be exploited by an attacker to execute unauthorized remote code. Google has updated the v8 JavaScript engine to version 3.5.10.24 to correct the flaw.
The v8 flaw was discovered by security researcher Christian Holler, who was award $1,000 by Google for reporting the issue.
The Chrome Stable 15.0.874.121 update is the second security update from Google for Chrome in a week. On November 10, Google released Chrome Stable 15.0.874.120, fixing seven flaws, five marked as being high impact.
Over the short life of the Chrome 15 browser so far, Google has been very active. The first stable release of Chrome 15 came out at the end of October. The first release fixed over 27 flaws in Chrome, with Google paying out a record $26,511 in rewards to security researchers.