Chrome 15.0.874.121 updates the Web browser's JavaScript engine and fixes a high-risk security vulnerability Google has released an update for Chrome 15 which addresses a high-risk vulnerability. The security issue is the result of an out-of-bounds memory write in the browser’s JavaScript engine.Under normal circumstances such a vulnerability would allow remote code execution and would be considered critical. However, because Google Chrome uses a native sandbox that prevents attackers from executing malicious code, the severity of the bug was downgraded.[ Get your websites up to speed with HTML5 today using the techniques in InfoWorld’s HTML5 Deep Dive PDF how-to report. | Learn how to secure your Web browsers in InfoWorld’s “Web Browser Security Deep Dive” PDF guide. ] The vulnerability was discovered by Mozilla security engineer Christian Holler, who was paid $1,000 through the Chromium Vulnerability Rewards Programs for reporting it.The new Google Chrome 15.0.874.121 for Windows, Mac, Linux, also addresses a non-security issue that causes SVG elements loaded within iframes to ignore specified dimensions. This is actually a regression bug introduced by recent code modifications.Other fixes contained in this release deal with the browser’s behavior on Chrome OS, Google’s cloud-oriented operating system, and include changes to the default NAT traversal policy used by the Chromoting remote access feature, the downloads folder display, the login process, and the GPU blacklist. The update also includes some minor bug fixes in the V8 JavaScript engine. Home users are advised to upgrade to the new version by using the built-in Chrome update mechanism, which can be triggered by restarting the browser. Corporate network administrators can deploy it by using the Google Update for enterprise policy. Technology IndustryPatch Management Software