Google Releases Chrome 18·0·1025·142

March 28, 2012

Google has released a new version, 18·0·1025·142, of its Chrome browser, for all platforms: Windows, Linux, Mac OS X, and Chrome Frame.  This new release includes fixes for nine security vulnerabilities, including three of High severity.  As expected, the bundled Flash Player is the just-released version.  It also provides improved graphics and drawing performance, and better 3-D graphics capabilities on older hardware.  More details are available in the release announcement, and on the Official Chrome Blog.

Windows and Mac users should get the new version via the built-in update mechanism.  Linux users should get the updated package from their distributions’ repositories, using their standard package maintenance tools.  You can verify that your system has been updated by clicking on the tools menu (the little wrench), and then on “About Google Chrome”.


Security Update for Flash Player

March 28, 2012

Adobe has issued a new version of its Flash Player, for all platforms (Windows, Mac OS X, Linux, Solaris, and Android) to incorporate fixes for two critical security vulnerabilities.   For Windows, Mac OS X, and Linux, the new version number is 11.2.202.228; for Solaris, the new version is 11.2.202.223, and for Android, 11.1.111.8.   According to Adobe’s Security Bulletin [APSB12-07], the affected versions of the player are:

  • Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 11.1.111.7 and earlier versions for Android 3.x and 2.x

Adobe rates this as a Priority 2 update, meaning:

This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent.

As Adobe says, Flash Player has been at “elevated risk”; it is very commonly installed, across multiple platforms, and is therefore an attractive target for the Bad Guys.

You can get the new version using the built-in update mechanism, or by downloading the installation package here.  Android users should see the update instructions in the Security Bulletin.

Although a new version of Google’s Chrome, incorporating the new Flash Player, has not been announced yet, I ‘d expect one within the next 24 hours or so.  I will post a note here when I get any definite information.

Update Wednesday, 28 March, 17:25 EDT

Google has now released a new version of Chrome incorporating this update.

The new version also includes, for Windows, a new automatic updating function, which will allow updates to be downloaded and installed without user intervention.  More details are available in this post on the Adobe Secure Software Engineering Team [ASSET] blog.

Update Thursday, 29 March, 11:35 EDT

Ars Technica has a brief article explaining the new auto-update capability.


%d bloggers like this: