From securityweek.com
Google on Tuesday released Chrome 70 in the stable channel, with patches for nearly two dozen vulnerabilities, as well as with updated sign-in options.
Available for Windows, Mac and Linux as version 70.0.3538.67, the new Chrome iteration arrives with patches for 23 vulnerabilities, 18 of which were discovered by external researchers. These include 6 flaws rated high severity, 8 medium risk, and 4 low severity issues.
The addressed flaws include sandbox escape, remote code execution, heap buffer overflow, URL spoofing, use after free, memory corruption, cross-origin URL disclosure, security UI occlusion in full screen mode, iframe sandbox escape on iOS, and lack of limits on update() in ServiceWorker.