MAAS History
Archives
« Google Chrome 5.0.375.99 Released | Main | Security Advisory for Adobe Reader and Acrobat: APSB10-15 »
Friday
Jun252010

Google Chrome 5.0.375.86 Released

Google has released an update to Chrome which enables the intergrated Flash Player by default. It is difficult sometimes for users and administrators to balance security and Flash content. First up, make sure that you review and your Flash Player Settings. In Chrome you can open the Flash Settings Manager by selecting Clear Browser Data. 

Issuess adressed include the following:

  1. [38105Medium XSS via application/json response (regression). Credit to Ben Davis for original discovery and Emanuele Gentili for regression discovery.
  2. [43322Medium Memory error in video handling. Credit to Mark Dowd under contract to Google Chrome Security Team.
  3. [43967High Subresource displayed in omnibox loading. Credit to Michal Zalewski of Google Security Team.
  4. [45267High Memory error in video handling. Credit to Google Chrome Security Team (Cris Neckar).
  5. [$500] [46126High Stale pointer in x509-user-cert response. Credit to Rodrigo Marcos of SECFORCE.

 

Users then should consider reading the following post releated to Flash settings. 

Another way to manage the risk related to Flash content is to install the Chrome extension Flash Block, available here.

This is a short description from the download/installer page.

Short Description:
=============
The extension automatically blocks flash content on webpages.
Each flash element is being replaced with a placeholder that allows you to load only selected elements on a given page.
You can also manage a whitelist of allowed websites via a configuration panel.

In general, FlashBlock helps with lowering memory usage, reducing cpu cycles,
and can be used as an alternative to AdBlock. 

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (2)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Member Account Required
You must have a member account on this website in order to post comments. Log in to your account to enable posting.