Chrome browser for Android gets security boost, patches

Google fixed seven security holes in the mobile browser, all rated 'medium' for severity

Google has upgraded its Chrome browser for Android devices, boosting its security framework and patching several security bugs.

Retro browser war

The security holes that were fixed were all rated as "medium" for their severity, and Google paid US$500 for each one to the individuals who reported them.

The seven bugs included a current-tab cross-application scripting vulnerability, a file-induced information and credential disclosure and cookie theft by a malicious local Android application.

The new version of Chrome for Android also features improved sandbox technology, which isolates websites so that malicious ones don't impact the entire browser operation.

"This is made possible by the innovative multi-process architecture in Chrome for Android, in conjunction with Android's User ID (UID) isolation technology," wrote Google software engineer Jay Civell in a blog post.

This improved sandbox functionality will be automatically used for Android devices running the 4.1 version of the OS, commonly known as Jelly Bean.

The upgrade is also available for users of devices running version 4.0 of Android, called Ice Cream Sandwich.

Google also maintains a list of outstanding bugs in Chrome for Android affecting areas like fonts, language, website display, settings, third-party applications and scrolling.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Insider Shootout: Best security tools for small business
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies