The Chrome OS team have just pushed out an update to the stable channel. The update to Chrome OS 26 contains a number of high risk security fixes.
The security fixes included in this release are as follows:
- [227197] Medium CVE-2013-2832: Uninitialized memory left in buffer in O3D plug-in.Credit to Ralf-Philipp Weinmann.
- [227181] High CVE-2013-2833: Use-after-free in O3D plug-in. Credit to Ralf-Philipp Weinmann.
- [227158] High CVE-2013-2834: Origin lock bypass of O3D and Google Talk plug-ins. Credit to Ralf-Philipp Weinmann.
- [196456] High CVE-2013-2835: Origin lock bypass of O3D and Google Talk plug-ins. Credit to Google Chrome Security Team (Chris Evans).
Chrome OS 26.0.1410.57 is available now for all Chrome devices. Devices will be receiving updates over the next several days.