TMCnet Feature
November 18, 2011

Updated Google Chrome Tackles High-Risk Vulnerability Issue

By Ashok Bindra, TMCnet Contributor

According to a report on the PCWorld.com site, search engine giant Google has released an update for the Chrome 15 browser that addresses a high-risk vulnerability. An out-of-bounds memory write in the browser's JavaScript engine is the cause of the problem, says the PCWorld.com report.



IDG News reporter Lucian Constantin wrote that under normal conditions such a susceptibility would allow remote code execution, which would be regarded as serious. “However, because Google Chrome uses a native sandbox that prevents attackers from executing malicious code, the severity of the bug was downgraded,” wrote Constantin.

In reality, this problem was first discovered by Mozilla security engineer Christian Holler. For reporting this issue to Google, Holler was paid US $1000 via the Chromium Vulnerability Rewards Program, according to the PCWorld.com report.

As per this report, the updated Google Chrome 15.0.874.121 for Windows, Mac, and Linux also addresses a non-security issue that causes SVG elements loaded within iframes to ignore specified dimensions. “This is actually a regression bug introduced by recent code modifications,” Constantin wrote.

The updated Chrome 15 offers other bug fixes that deal with the browser's behavior on Chrome OS, Google's cloud-oriented operating system. It also includes changes to the default NAT traversal policy used by the Chromoting remote access feature, the downloads folder display, the login process, and the GPU blacklist, as per the description on the PCWorld.com site.

Furthermore, according to Constantin, the update also includes some minor bug fixes in the V8 JavaScript engine. Meanwhile, Google advises home users to upgrade to the new version by using the built-in Chrome update mechanism, which can be easily triggered by restarting the browser. For corporate network administrators, the search engine giant recommends using the Google Update for enterprise policy, wrote Constantin.


Ashok Bindra is a veteran writer and editor with more than 25 years of editorial experience covering RF/wireless technologies, semiconductors and power electronics.

Edited by Rich Steeves