If you're not already using Google Chrome, consider giving it a try. For those of us that are using the browser, we are running a little more secure today thanks to an update that came out yesterday that eliminated a total of 11 security flaws. There were three classified as critical, seven that were high, and one that was a medium priority exploit.
Six of the patches fix errors that resulted in memory corruption. These fixes should make the browser much more stable as memory corruption can result in strange program behavior and crashes. I'm personally hoping that this fixes a problem I've had with chrome plugins crashing.
One of the neat things that Google does in order to ensure security in their browser is they provide monetary rewards for security bug reports. Their awards range from $500 to $1337, with the top range being an obvious reference to "leet" speak. This system encourages people to seek out and report bugs to Google. For this particular set of patches, Google paid out $10,011, with the most money ($4,674) going to Sergey Glazunov for finding four of the security flaws.
In contrast to Google's strategy, Microsoft has stated that they will not provide monetary awards to those who discover their security flaws. This stance could lead to less safe Microsoft products, as security researchers will have less incentive to discover problems with their software.
Google Chrome is normally updated automatically in the background. However, if you want to verify that you're running the latest version you can pull up the "About Google Chrome" dialog (click on the wrench in Windows or on the Chrome icon in the menu bar on OS X) and verify that your version is 5.0.375.127. Mozilla is expected to take a page from Google's book and implement silent updates in the next version of Firefox.
If you'd like to see the full list of flaws that were fixed, with all the gory details, you can read the official Google blog post on the subject.
