Google on Thursday patched nine bugs in Chrome and upgraded the most stable edition of the browser to version 9. The nine flaws fixed in Chrome 9.0.597.84 range from several crash bugs to what Google called a "race condition in audio handling." The latter was the only vulnerability rated as "critical," Google's most serious ranking. Two others were pegged as "high" and six were labeled as "low."
According to French security company Vupen, the audio handling race condition bug can be exploited to escape Chrome's sandbox.
If accurate, it would be the second sandbox-escape vulnerability that Google's patched in the last two months. On Jan. 12, Google updated Chrome with fixes for 16 bugs, including one that Adobe yesterday said was also a sandbox-escape flaw.
Chrome is the only major browser that isolates system processes in a sandbox, technology designed to prevent malware from escaping an application, like Chrome, to infect the computer or steal information from the hard drive.