Google Welcomes Chrome 25, Brings HTML5 Better Support, Voice Recognition Support And More

Posted on Feb 22 2013 - 12:07pm by Editorial Staff

Google on Thursday welcomed the next instalment of Chrome: the Chrome 25 for Windows, Mac and Linux. The new version includes improvements in managing and securing your extensions, better support for HTML5 time/date inputs, JavaScript Web Speech API support and better WebGL error handling. You can download the latest version directly from google.com/chrome.

Google Chrome 25

Google Chrome 25

Chrome 25 addresses a total of 22 security holes, nine of which rated as High, eight as Medium and five stands as Low:

  • [$1000] [172243] High CVE-2013-0879: Memory corruption with web audio node. Credit to Atte Kettunen of OUSPG.
  • [$1000] [171951] High CVE-2013-0880: Use-after-free in database handling. Credit to Chamal de Silva.
  • [$500] [167069] Medium CVE-2013-0881: Bad read in Matroska handling. Credit to Atte Kettunen of OUSPG.
  • [$500] [165432] High CVE-2013-0882: Bad memory access with excessive SVG parameters. Credit to Renata Hodovan.
  • [$500] [142169] Medium CVE-2013-0883: Bad read in Skia. Credit to Atte Kettunen of OUSPG.
  • [172984] Low CVE-2013-0884: Inappropriate load of NaCl. Credit to Google Chrome Security Team (Chris Evans).
  • [172369] Medium CVE-2013-0885: Too many API permissions granted to web store.
  • [Mac only] [171569] Medium CVE-2013-0886: Incorrect NaCl signal handling. Credit to Mark Seaborn of the Chromium development community.
  • [171065] [170836] Low CVE-2013-0887: Developer tools process has too many permissions and places too much trust in the connected server.
  • [170666] b>Medium CVE-2013-0888: Out-of-bounds read in Skia. Credit to Google Chrome Security Team (Inferno).
  • [170569] Low CVE-2013-0889: Tighten user gesture check for dangerous file downloads.
  • [169973] [169966] High CVE-2013-0890: Memory safety issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [169685] High CVE-2013-0891: Integer overflow in blob handling. Credit to Google Chrome Security Team (Jüri Aedla).
  • [169295] [168710] [166493] [165836] [165747] [164958] [164946] Medium CVE-2013-0892: Lower severity issues across the IPC layer. Credit to Google Chrome Security Team (Chris Evans).
  • [168570] Medium CVE-2013-0893: Race condition in media handling. Credit to Andrew Scherkus of the Chromium development community.
About the Author
Editorial Staff

Editorial Staff at I2Mag is a team of subject experts led by Karan Chopra.