{"id":5772,"date":"2012-09-05T11:42:34","date_gmt":"2012-09-05T18:42:34","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=5772"},"modified":"2012-12-12T13:57:00","modified_gmt":"2012-12-12T21:57:00","slug":"google-chrome-update-fixes-three-high-level-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/","title":{"rendered":"Google Chrome Update Fixes Three High-Level Vulnerabilities"},"content":{"rendered":"<p>The Google team has updated its Chrome web browser to version <a href=\"http:\/\/googlechromereleases.blogspot.com\/2012\/08\/stable-channel-update_30.html\" target=\"_blank\">21.0.1180.89<\/a> for Mac OS X and other operating systems. Security fixes include patches for three high-level vulnerabilities; the build fixes eight vulnerabilities overall. Google awarded $3,500 in cash to the independent security researchers who provided information about the security holes in its product. (Both Google and The Mozilla Foundation encourage scrutiny of their web browsers by paying independent researchers for information about vulnerabilities in their products.)<\/p>\n<p>Following are descriptions of the three bugs rated \u201cHigh\u201d:<\/p>\n<ul>\n<li><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-2866\" target=\"_blank\">CVE-2012-2866<\/a>: Fixes a bug in all versions of Google Chrome before 21.0.1180.89, in which the browser does not properly perform a cast of an unspecified variable during handling of run-in elements. Unpatched, this allows remote attackers to cause a denial of service (or other impact) by way of maliciously crafted documents.<\/li>\n<li><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-2869\" target=\"_blank\">CVE-2012-2869<\/a>: Fixes a big in all versions of Google Chrome before 21.0.1180.89, in which the browser does not properly load URLs. Unpatched, this allows remote attackers to cause a denial of service (or possibly have unspecified other impact) by way of vectors that trigger a \u201cstale buffer.\u201d<\/li>\n<li><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-2871\" target=\"_blank\">CVE-2012-2871<\/a>: Fixes a problem with libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, in which the browser does not properly support a cast of an unspecified variable during handling of XSL transforms. Unpatched, this allows remote attackers to cause a denial of service (or other impact) by way of maliciously crafted documents, related to the _xmlNs data structure in include\/libxml\/tree.h.<\/li>\n<\/ul>\n<p>Google\u2019s Chrome browser updates automatically, or you can <a href=\"https:\/\/www.google.com\/intl\/en\/chrome\/browser\/\" target=\"_blank\">download Google Chrome<\/a> to check it out.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for three high-level vulnerabilities; the build fixes eight vulnerabilities overall. Google awarded $3,500 in cash to the independent security researchers who provided information about the security holes in its product. (Both [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[38,60],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google Chrome Update Fixes Three High-Level Vulnerabilities - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-09-05T18:42:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2012-12-12T21:57:00+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Derek Erwin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/\",\"name\":\"Google Chrome Update Fixes Three High-Level Vulnerabilities - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"datePublished\":\"2012-09-05T18:42:34+00:00\",\"dateModified\":\"2012-12-12T21:57:00+00:00\",\"description\":\"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google Chrome Update Fixes Three High-Level Vulnerabilities\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\"},\"headline\":\"Google Chrome Update Fixes Three High-Level Vulnerabilities\",\"datePublished\":\"2012-09-05T18:42:34+00:00\",\"dateModified\":\"2012-12-12T21:57:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage\"},\"wordCount\":271,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"keywords\":[\"Chrome\",\"Google\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\",\"name\":\"Derek Erwin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"caption\":\"Derek Erwin\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Google Chrome Update Fixes Three High-Level Vulnerabilities - The Mac Security Blog","og_description":"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for","og_url":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/","og_site_name":"The Mac Security Blog","article_published_time":"2012-09-05T18:42:34+00:00","article_modified_time":"2012-12-12T21:57:00+00:00","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Derek Erwin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/","name":"Google Chrome Update Fixes Three High-Level Vulnerabilities - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"datePublished":"2012-09-05T18:42:34+00:00","dateModified":"2012-12-12T21:57:00+00:00","description":"The Google team has updated its Chrome web browser to version 21.0.1180.89 for Mac OS X and other operating systems. Security fixes include patches for","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Google Chrome Update Fixes Three High-Level Vulnerabilities"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812"},"headline":"Google Chrome Update Fixes Three High-Level Vulnerabilities","datePublished":"2012-09-05T18:42:34+00:00","dateModified":"2012-12-12T21:57:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#webpage"},"wordCount":271,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"keywords":["Chrome","Google"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/google-chrome-update-fixes-three-high-level-vulnerabilities\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812","name":"Derek Erwin","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","caption":"Derek Erwin"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-1v6","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5772"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=5772"}],"version-history":[{"count":11,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5772\/revisions"}],"predecessor-version":[{"id":5785,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5772\/revisions\/5785"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=5772"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=5772"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=5772"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}