Google yesterday updated the its browser for Windows, Mac and Linux machines, fixing two vulnerabilities, including one considered high in severity.
In a blog post, Google described the more serious bug as a “function signature mismatch” in WebAssembly binary language. The vulnerability has yet to be assigned a CVE number, but it did manage to fetch a $3,000 bug bounty for Kevin Cheung from Autodesk, who reported the problem.
A second, medium-severity bug consists of a URL spoofing condition in Chrome’s Omnibox address bar, which was reported by evi1m0 of Bilibili Security Team.
In addition to releasing Chrome desktop version 69.0.3497.92, Google also updated its Chrome for Android browser to version 69.0.3497.91. While Google said the new release includes bug fixes, the blog post does not detail what those improvements are.