'High-risk' Chrome sandbox vulnerability patched

News by Ava Fedorov

Of the 37 bugs fixed in Google's latest version of its Chrome browser, the patching of a vulnerability that allowed attackers to escape the Chrome sandbox has received the most attention.

Deemed a "high-risk" vulnerability due to its widespread exploitation, the sandbox escape bug was discovered by independent researchers who also reported six other serious flaws including cross-origin bypasses and three use-after-free vulnerabilities. According to online news sources, Google has awarded as much as £25,000 to the researchers for reporting the high-risk bugs.

The composition and location of the sandbox-escape bug and other flaws remain publicly unknown, however, as Google has yet to release the details of the patched vulnerabilities.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews