Google on Wednesday has updated its Chrome browser desktop version to fix three vulnerabilities discovered by external researchers, including two high-severity flaws.
The most severe problems were a heap corruption in the FFmpeg video and audio converter tool (CVE-2016-5199) and an out-of-bounds memory access in the V8 open-source JavaScript Engine (CVE-2016-5200). Google also corrected an info leak in Chrome extensions (CVE-2016-5201), and made a series additional tweaks to its browser based on internal audits and fuzzing (a fourth fix, collectively designated as CVE-2016-5202).
This newest stable-channel release – version 54.0.2840.99 for Windows, 54.0.2840.98 for Mac and 54.0.2840.100 for Linux – will roll out over the coming days and weeks, the company announced on its Chrome Releases blog.