Chrome browser for Android gets security boost, patches

Google has upgraded its Chrome browser for Android devices, boosting its security framework and patching several security bugs.

The security holes that were fixed were all rated as "medium" for their severity, and Google paid US$500 for each one to the individuals who reported them.

The seven bugs included a current-tab cross-application scripting vulnerability, a file-induced information and credential disclosure and cookie theft by a malicious local Android application.

The new version of Chrome for Android also features improved sandbox technology, which isolates websites so that malicious ones don't impact the entire browser operation.

"This is made possible by the innovative multi-process architecture in Chrome for Android, in conjunction with Android's User ID (UID) isolation technology," wrote Google software engineer Jay Civell in a blog post.

This improved sandbox functionality will be automatically used for Android devices running the 4.1 version of the OS, commonly known as Jelly Bean.

The upgrade is also available for users of devices running version 4.0 of Android, called Ice Cream Sandwich.

Google also maintains a list of outstanding bugs in Chrome for Android affecting areas like fonts, language, website display, settings, third-party applications and scrolling.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

• Bookmark this page
• Share this article
  •  
  • facebook
  • slashdot
  • digg
  • Reddit
  • stumbleupon
  • linkedin
  • twitter
• Got more on this story? Email Computerworld
• Follow Computerworld on twitter

• Share
  Share this article1

  •  google+
  • facebookfacebook
  • slashdotslashdot
  • diggdigg
  • RedditReddit
  • stumbleuponstumbleupon
  • linkedinlinkedin
  • twittertwitter
• print
• email
• Bookmark