Items tagged with Chrome
Google noted this week that it had patched a zero-day bug inside the Chrome browser that had to do with its V8 JavaScript engine. The V8 JavaScript Engine is open-source, and the flaw in Chrome impacted the versions of the browser for Windows, macOS, and Linux. The bug is tracked as CVE-2020-6418, and it has a severity rating of high. Google noted that the flaw impacts versions of Chrome that were released before 80.0.3987.122. Technical details of the bug are being withheld until the flaw has been fully patched, according to Google. ThreatPost, however, says that memory corruption vulnerabilities happen when memory is altered without explicit data assignments, triggering programming errors....
Read more...
Malware is a major problem and spreads easily through insecure downloads over the web. As such, Google's Chrome browser will begin to block "mixed content downloads" in order to guarantee that HTTPS (SSL secured) pages are only able to download secure files. Google's plan will be rolled out over various upcoming iterations of Chrome. Hypertext Transfer Protocol Secure (HTTPS) pages are intended to be secure ways to send data over a computer network. However, their security can be compromised by mixed content downloads or non-HTTPS secured transmission of files. Mixed content downloads are vulnerable to attackers and can do major damage to users. The plan is for the Chrome browser to therefore...
Read more...
Homer Simpson spoke for all of us when he said, "Mmm...crumbled-up cookie things" in Lisa the Greek (Season 3, Episode 14). I mean really, who does not like cookies? Or cookie things? Be that as it may, cookies in browsers are not always so delectable, and so Google is changing the recipe for developers with the release of Chrome 80. Chrome 80 will begin rolling out today, and then starting later in the month, Google will be enforcing a new cookie classification system within the latest stable browser build. This will start with a "small population of users" and then gradually increase to include more Chrome users over time (though Google doesn't specify how fast it plans to ramp things up)....
Read more...
It's no secret that Google has the most popular search engine on the planet and the most popular browser with Chrome. Microsoft also has its widely popular Office 365 suite of software. Microsoft now wants all the people that use Office 365 ProPlus to change to using its Bing search engine. The software giant announced this week that it would be forcing users to install the "Microsoft Search in Bing" extension if they are using the Chrome browser for all Office 365 ProPlus customers. The extension will be forced on the users with the version 2002 rollout of Office 365 ProPlus. That rollout is set to start in February, and there will be a broader rollout in March. The first countries to be graced...
Read more...
Google Chrome may be the most popular browser out there, but Windows 10 users know that it can be a resource hog. This lack of regard for efficiency is particularly evident when running Chrome on a Windows 10 notebook that is on battery power. Microsoft may have a solution that will end the power and resource-hogging that Chrome is known for. Last summer, Microsoft noted that it may be possible to reduce Chrome's battery use by eliminating the unnecessary disk caching when watching videos. The caching of video during playback keeps the disk in an active state and consumes power. Microsoft has a second commit that shows it plans to add a check to verify if the device is running on battery. The...
Read more...
Starting next month, Google will tighten the controls on its Chrome browser by limiting cross-site tracking, and within the next two years, it plans on eliminating third-party cookies from the equation. These and other steps are part of a larger initiative Google is calling "Privacy Sandbox," which entails open standards to enhance user privacy when surfing the web. "Our goal for this open source initiative is to make the web more private and secure for users, while also supporting publishers," Google said. On the surface, getting rid of third-party cookies may seem to go against the latter part of that statement, but Google believes there is a better way of satisfying both users and publishers....
Read more...
Microsoft is nearly ready to pull the plug on Windows 7; at least for general consumers. Starting next week, January 14thto be exact, Microsoft will end extended support for the operating system after more than a decade on the market. As you might expect, instead of diverting resources to keep Windows 7 operational, Microsoft would rather you upgrade to its newer Windows 10 operating system. With that being said, some software developers won't be so quick to part ways with Windows 7 compatibility, and one of those companies is none other than Google. Google Chrome is the most popular web browser around the globe, and a great number of Windows 7 users have it installed on their systems. While...
Read more...
Google was forced to stop the rollout of Chrome 79 for Android devices recently due to a bug. The bug was discovered when mobile app developers reported the update was deleting user data and resetting mobile apps. The bug occurred during the upgrade process from Chrome 78 to Chrome 79, and had to do with a changed location of the Chrome directory. Google developers have admitted that the mistake was their fault because they had forgotten to move the contents of localStorage or WebSQL into the new Chrome 79 directory. That mistake made the data inaccessible for all users. WebSQL and localStorage are both storage mechanisms that allow a website or web app to store data on the user device within...
Read more...
Google has announced that it will be rolling out a new version of Chrome in the coming days with release M79, which will bring better built-in password protection. Google introduced password breach warnings with the Password Checkup extension earlier this year. That extension would compare passwords and usernames against over 4 billion credentials that Google knows have been compromised. In October, Google went a step further and integrated the Password Checkup feature directly into the Google Account, making it available from passwords-google.com. The next natural step for the Password Checkup extension was to integrate it directly into Chrome. With the new integration, when Google discovers...
Read more...
Google Assistant has gained a new capability that movie fans will appreciate courtesy of Google Duplex technology. On Android phones, Google Assistant can now help users to buy movie tickets online. Users can get times and buy tickets starting with "Hey Google, showtimes for [movie] in [city] this weekend." Google also notes that movie fans can search for movie times from the Google app on Android. Once the list of theaters in the area turns up, users can choose a theater and time that they want. The option to buy tickets will be offered from within the Assistant and supports more than 70 cinemas and ticketing services. Supported ticketing services include Fandango, movietickets.com, AMC, or...
Read more...
Several white hat hackers in China spent the weekend infiltrating some of the top web browsers and other applications, as part of the Tianfu Cup. Similar to Pwn2Own, hackers attempt to exploit various software in ways that have not been discovered before, with prizes and bragging rights on the line (as well as better security for us all). The rules between Tianfu Cup and Pwn2Own are pretty much the same. During the two-day event, hackers racked up points by exposing zero-day vulnerabilities in Microsoft's Edge, Apple's Safari, and Google's Chrome browsers, as well as other applications. Here's how it broke down on the first day of the competition... Microsoft Edge (old version, not Chromium):...
Read more...
After beta testing an experimental feature in Chrome for several months without any major issues, Google decided to flip the switch in its main Stable release, and chaos ensued for hundreds of organizations and thousands of machines. Apparently the experimental feature was not quite ready for prime time, as IT admins suddenly had to contend with a mysteriously broken browser. For those affected, it was not immediately clear what exactly caused all the ruckus. All they really knew was that tabs were suddenly crashing and showing up as blank. This is referred to as a white screen of death (WSOD) error. The issue manifested itself on Chrome browsers running on Windows Server terminal setups and...
Read more...
If you rely on Google's Chrome browser to get around the web, be aware that an update is available that addresses a couple of "High" security threats. One of those—labeled CVE-2019-13720—is a zero-day vulnerability that is known to be actively exploited in the wild, though it is not clear to what extent nefarious individuals are leveraging it. "Google is aware of reports that an exploit for CVE-2019-13720 exists in the wild," Google's security team stated in a blog post. That one was discovered by Anton Ivanov and Alexey Kulaev, a pair of security researchers at Kaspersky Labs, and it will net them a bug bounty in an amount that is yet to be determined. The bug resides in Chrome's...
Read more...
Security researchers at Kaspersky have identified a new strain of malware affecting Chrome and Firefox browsers. The researchers say the malware's authors "put a lot of effort" into how it manipulates digital certificates and mucks with outbound TLS traffic, which ultimate compromises encrypted communications. "Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capabilities that few other actors in the world have," Kaspersky says. The malware allows an attacker to wreak havoc on a victim's PC remotely....
Read more...
