Update Google Chrome to version 17
Yesterday, Google transferred the version of the Chrome browser at number 17 to the Stable update channel. The work was done a lot, considering the number of detected and fixed vulnerabilities - 20 pieces, of which one is critical and eight are highly dangerous. Apart from bug fixes and vulnerabilities, new features were introduced into the browser:
A specific description of the innovations is here .
Omnibox is enhanced by additional features of Google Live Search. If earlier the browser loaded pages in the usual mode, now the omnibox uses the possibilities of preprocessing pages, which allows you to instantly open the most visited pages.
Safebrowsing API is used not only in Chrome, but also in Safari and Firefox. At the same time, Google's browser uses the undocumented features of this interface, in this case, scanning downloadable executable files for the contents of malicious code ( True, Google actively denies this. See below in the sources ). It happens this way - in the browser, in addition to lists of phishing sites, the list of white applications (apparently, from well-known providers with a valid digital signature) is loaded, by which all executable files are compared. If the executable file is not found in the list, the browser sends the URL and IP to Google where the file was downloaded from, as well as the file size and checksums, after which this data is analyzed with the database on Google servers, after which the analysis results return to the browser. The information security team notes that the computer’s IP address and the URL of some of the pages visited are sent to the company's servers, but after two weeks the IP address is automatically deleted. In case of disagreement with such conditions, the development team recommends unchecking the Enable phishing and malware protection checkbox in the advanced settings.
A minor redecoration was carried out in the browser: the button for creating a new tab has changed, and the style of browser settings has changed.
Sources :
Official Google blog post.
Official report on fixed vulnerabilities.
Official message explaining the operation of the malware scanner.
ZDNet's Ed Bott's message about the undocumented advantages of the Chrome browser over competitors using the SafeBrowsing API.
- New Extension APIs
A specific description of the innovations is here .
- Omnibox update
Omnibox is enhanced by additional features of Google Live Search. If earlier the browser loaded pages in the usual mode, now the omnibox uses the possibilities of preprocessing pages, which allows you to instantly open the most visited pages.
- SafeBrowsing API Update
Safebrowsing API is used not only in Chrome, but also in Safari and Firefox. At the same time, Google's browser uses the undocumented features of this interface, in this case, scanning downloadable executable files for the contents of malicious code ( True, Google actively denies this. See below in the sources ). It happens this way - in the browser, in addition to lists of phishing sites, the list of white applications (apparently, from well-known providers with a valid digital signature) is loaded, by which all executable files are compared. If the executable file is not found in the list, the browser sends the URL and IP to Google where the file was downloaded from, as well as the file size and checksums, after which this data is analyzed with the database on Google servers, after which the analysis results return to the browser. The information security team notes that the computer’s IP address and the URL of some of the pages visited are sent to the company's servers, but after two weeks the IP address is automatically deleted. In case of disagreement with such conditions, the development team recommends unchecking the Enable phishing and malware protection checkbox in the advanced settings.
- Visual changes
A minor redecoration was carried out in the browser: the button for creating a new tab has changed, and the style of browser settings has changed.
Sources :
Official Google blog post.
Official report on fixed vulnerabilities.
Official message explaining the operation of the malware scanner.
ZDNet's Ed Bott's message about the undocumented advantages of the Chrome browser over competitors using the SafeBrowsing API.
')
Source: https://habr.com/ru/post/137903/
All Articles