Chrome 39 contains 42 security fixes, fallback to SSL 3.0 removed

Google Chrome 39, which was promoted to the stable channel for Windows, Mac and Linux on Tuesday, contains 42 security fixes.

A researcher identified as ‘biloulehibou’ earned $7,500 for discovering a double-free vulnerability in Flash, Chen Zhang of the NSFOCUS Security Team earned $5,000 for uncovering a use-after-free bug in Blink, and a researcher known as ‘cloudfuzzer’ earned $3,000 for identifying a buffer overflow flaw in PDFium, according to a Tuesday post.

Fallback to SSL 3.0 has been removed in Chrome 39, according to a Tuesday tweet by Adam Langley, senior staff software engineer at Google, who wrote in late October that SSL 3.0 will be disabled completely in Chrome 40.

In October, Google researchers uncovered a vulnerability in SSL 3.0 – known as POODLE – that could enable an attacker to intercept plaintext data from secure connections.


Via: scmagazine

Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published. Required fields are marked *