Internet Security Alert 08/31/2012: Google Chrome Multiple Vulnerabilties

Google Chrome browser vulnerabilities have been reported in versions prior to 21.0.1180.89

Important Internet Security Alert!

On August 30, 2012, Google announced that their Stable channel has been updated to 21.0.1180.89 for Linux, Mac, Windows and Chrome Frame.

Multiple vulnerabilities were found in Google Chrome that put users at risk of cross-site scripting attacks, compromise of user’s system, and some other unknown impacts.

Google has patched the following security vulnerabilities and advises ALL users to upgrade to Version 21.0.1180.89.

  1. Out-of-bounds read in line breaking (medium security risk)
  2. Bad cast with run-ins (high security risk)
  3. Browser crash with SPDY (low security risk)
  4. Race condition with workers and XHR (medium security risk)
  5. Avoid stale buffer in URL loading (high security risk)
  6. Lower severity memory management issues in XPath (low security risk)
  7. Bad cast in XSL transforms (high security risk)
  8. XSS in SSL interstitial (medium security risk)

Read Google Chrome Announcement and Release Notes at

Google Chrome Security Update

How to update your Google Chrome browser

  1. Open your Google Chrome browser
  2. Click on the wrench icon in the top right corner of your browser.
  3. Click on the “About Google Chrome” link.
  4. Once the popup window opens, Google Chrome will automatically check for updates and run the installer for you.
  5. You will be asked to “relaunch” Google to apply the update.

Important! This security update is for all operating systems. Please update Google Chrome now.

About Regina Smola

Regina Smola is a sought-after WordPress Security Expert, co-founder of, and owner of She has helped thousands of WordPress users tighten security on their WordPress sites and fixed hundreds of hacked WordPress blogs. Get more info on Regina on Facebook and Google+.

Speak Your Mind

WordPress® and its related trademarks are registered trademarks of Automattic, Inc. This site is not affiliated
with or sponsored by Automattic, Inc., the WordPress Foundation or the WordPress® Open Source project.