Google issued a Chrome update to address Windows, Mac, and Linux vulnerabilities that, if exploited, would allow remote attackers to take control of affected systems.
The updated Chrome version (48.0.2564.109) addressed six vulnerabilities, including flaws that allowed same-origin bypass in Chrome extensions (CVE-2016-1622), DOM same-origin bypass (CVE-2016-1623), Buffer overflow in Brotli (CVE-2016-1624), a Chrome Instant Navigation bypass (CVE-2016-1625), a PDFium out-of-bounds read (CVE-2016-1626), and updates based on Google's ongoing internal audits and other initiatives (CVE-2016-1627).
The bugs were discovered by Mariusz Mlynski, lukezli, Jann Horn, and an anonymous security researcher working with HP's Zero Day Initiative.
Google also announced it will no longer allow Flash display ads on AdWords or DoubleClick Digital Marketing campaigns, starting June 30. The search giant's continues its efforts to move off Flash to HTML5. Flash display ads will no longer be accepted on Google Display Network or DoubleClick, starting Jan. 2, 2017.