Google has fixed three high risk flaws in its Chrome browser, and come good on its promise to pay the researcher who found the vulnerabilities.
The company said in a blog post yesterday that Timothy D. Morgan, of Virtual Security Research, had elected to donate his US$500 reward to the Haiti relief effort. Google then added to the donation to make a total of US$1,337.
Google has also updated Chrome to version 4.0.249.89 for Windows, fixing one low, two medium and three high risk flaws. The first relates to integer overflows in the v8 engine, while the others deal with an integer overflow deserialising the sandbox message and an error processing tag.
The web giant announced at the end of January that it would pay between US$500 and US$1,337 to developers who find security holes in Chrome and report them directly to Google.