'High-risk' Chrome sandbox vulnerability patched
Of the 37 bugs fixed in Google's latest version of its Chrome browser, the patching of a vulnerability that allowed attackers to escape the Chrome sandbox has received the most attention.
Deemed a "high-risk" vulnerability due to its widespread exploitation, the sandbox escape bug was discovered by independent researchers who also reported six other serious flaws including cross-origin bypasses and three use-after-free vulnerabilities. According to online news sources, Google has awarded as much as £25,000 to the researchers for reporting the high-risk bugs.
The composition and location of the sandbox-escape bug and other flaws remain publicly unknown, however, as Google has yet to release the details of the patched vulnerabilities.