With Windows enthusiasts awaiting the public release of the Chromium-based Microsoft Edge browser, Microsoft reportedly made it available in an unlikely place. According to reports, some users of Windows 10 Insider build 18865 have found that Microsoft is testing the Edge Insider build withing the Windows Sandbox feature.
Google has confirmed a recent update to Chrome was to patch a zero-day issue in the popular browser, an exploit that was actively used in attacks, and has recommended all Chrome users on Mac, Windows, and Linux update their installations as soon as possible.
A patch for Chrome shipped on March 1 consisting of a fix for a security flaw, identified as CVE-2019-5786. The update, which only fixed the issue without making other changes to the browser, brought Chrome on all three operating systems up to version 72.0.3626121.
Qualys has developed a free extension for Google Chrome to protect browsers from cryptojacking attacks, Dark Reading has learned.
The new BrowserCheck CoinBlocker Extension uses both domain blacklists for cryptocurrency mining sites as well as heuristics features to detect unknown cryptojacking attack types. Qualys will officially roll out the plugin on Wed., July 25, but it's already available on the Google Chrome Web Store.
Google Chrome users who visit unencrypted websites will be confronted with warnings from tomorrow.
The changes will come for surfers using the latest version of Google Chrome, version 68. Any web page not running HTTPS with a valid TLS certificate will show a "Not secure" warning in the Chrome address bar from version 68 onwards. The warning will apply both to internet-facing websites and intranet sites accessed through Chrome, which has approximately 60 per cent market share.
Google has tightened the rules for admission to the Chrome Web Store, the online bazaar for add-ons to its browser.
The big change to the Alphabet subsidiary's User Data Policy is that third-party party developers are no longer permitted to move personal data in plain text. Developers must also create and publish a privacy policy explaining what data they collect using Chrome, how it is used and apply “modern cryptography” when the data is in transit.
Google today launched Chrome 47 for Windows, Mac, and Linux with cooperative multitasking, automatic dismissal of desktop notifications, security improvements, and new developer features. It also removes the desktop notification center. You can update to the latest version now using the browser’s built-in silent updater or download it directly from google.com/chrome.
Google today released a 64-bit stable version of its Chrome browser for Windows systems. The 64-bit support has been in testing since June, and as of Chrome version 37 it has made it to the mainstream version.
The 64-bit version offers three main advantages and one possible drawback. The browser's advantages are speed, security, and stability. Google claims that certain media and graphics workloads in particular are faster with 64-bit. It offers the example of VP9 video decoding—used for some YouTube high-definition streams—being 15 percent quicker compared to 32-bit.
A total of 12 vulnerabilities have been repaired in this release, as always, some of them being discovered by external security researchers, who were also rewarded for their efforts through Google’s bug bounty program.
For a use-after-free security flaw (CVE-2014-3165) in web sockets, Google paid $2,000 / €1,500 to researcher Collin Payne; additional information about this flaw is not available at the moment.
Linux is very secure. Google's Linux-based Chrome OS, with its auto-updating and security sandboxing, is even more secure. But, neither is perfect. At Google's own Pwnium hacking contest and HP Zero Day Initiative's (ZDI) annual Pwn2Own hacking contest, three new sets of security problems were found in Chrome OS... and then immediately patched.
The new release proves controversial as Google tightens control over the browser to the anger of some users.
In terms of new features, version 33 is rather disappointing – despite debuting in the beta channel a few weeks ago, Google Now notifications have yet to make their way across to the stable channel. In fact, version 33 is little more than a bug-fix release, with 28 security fixes the only notable highlight.
