Google revs up Chrome, crushes bugs
Google on Thursday upgraded Chrome, improving the browser's start-up performance and patching two dozen security vulnerabilities.
Chrome 24 contained few major changes. That's typical, as Google usually refreshes its browser every six to eight weeks.
Chrome 24 also patched 24 vulnerabilities. Its security team labeled 11 of the flaws as "high," Google's second-most-serious threat rating, eight as "medium," and five as "low."
Five of the flaws were "use-after-free" bugs, a type of memory allocation vulnerability that Chrome's security engineers have become adept at finding; and four, including one of the use-after-free vulnerabilities, that affected the browser's built-in PDF viewer.
Chrome 24 also included a new version of Adobe's Flash Player that contained a solo critical patch. Adobe had patched Flash for other browsers on Tuesday. It is rare for Chrome to lag behind Flash's patch pace; in several instances, a new Chrome update has hit Google's download servers before Adobe releases the fixes to the public.
Google updates Flash because it's responsible for maintaining the bundled copy of Flash Player inside Chrome. Google has baked Flash into Chrome since March 2010. Last year, Microsoft mimicked the practice by including Flash in Internet Explorer 10 (IE10), the Redmond, Wash., company's newest Windows 7 and Windows 8 browser.
Users can download Chrome 24 from Google's website. Active users can simply let the automatic updater retrieve the new edition.