A serious security vulnerability has been discovered in Chrome, forcing Google to push out an emergency update to the browser. Affecting the Windows, Mac and Linux versions of Chrome, the high severity vulnerability is being tracked as CVE-2021-21148.
Described as a "heap buffer overflow in V8", it is being actively exploited in the wild, although few details of the exploit are available. Because of the severity of the vulnerability, Google has released a fix and is urging everyone to install it.
Google's Project Zero is very quick to point out security flaws in other company's products, but the search giant is far from being perfect itself. Two recently discovered zero-day vulnerabilities in Chrome have just been fixed with a new patch.
CVE-2020-16009 and CVE-2020-16010 are remote code-execution and heap-based buffer overflow flaws respectively and affect both the desktop and Android versions of Google's web browser.
The latest update to Chrome has rolled out, and Google has done a lot to improve and evolve the browser. The company says that there are massive improvements to page load times as well as improvements to resource usage by open tabs thanks to Tab Throttling.
But this is not the only change to come to tabs. Google has also made tabs touch-friendly, added tab previews, and introduced a new option to collapse grouped tabs to save space. This last option is currently in beta, however, and you'll have to enable hidden setting to enable it.
Biometrics have been a game-changer for consumer security. Not only can you unlock computers, tablets, and smartphones with facial recognition and fingerprints, but also, your finger can be used to decrypt encrypted storage devices. Are biometrics infallible? No. But still, the convenience makes consumers less likely to develop bad habits like having no password or pin at all on their devices! Never let perfect get in the way of better, folks.
Today, Google announces that it is integrating WebAuthn biometrics into its Chrome browser for Android. If you choose to store your credit and/or debit cards in the browser for easy checkout while shopping, you can now use your face or fingerprint rather than having to enter the CVC code from the card. In addition, Google is adding touch-to-fill, allowing you to easily fill in your information with one hand.
Developers frequently make use of open source components in order to speed up projects and save them having to reinvent tasks. But this can lead to the introduction of hidden security risks.
Now though open source marketplace xs:code is launching a new, free Chrome extension, xs:code Insights, which provides users with intuitive, in-depth analytics on open source repositories, including repository score, security analysis, maintenance and activity status, reviews, ratings and more.
With more and more people expressing concern about privacy and security online, companies have had to start to take notice and deliver tools to help. This is particularly noticeable in the browser market, and with the latest version of Chrome, Google has doubled down on security.
Having tested DNS over HTTPS (DoH) for some time, Google has added enhanced support for DNS lookups over an encrypted HTTPS connection to Chrome 83. In the Windows, macOS and Linux versions of the browser, Google's implementation of the security feature is called Secure DNS; here's how to use it.
Microsoft is no stranger to hitting its customers with ads for its products and services, and it seems that the company is so keen that people make the switch to the new Chromium-based version of Edge that it is now bombarding Outlook.com users with banner ads.
The ads are targeting people who visit the web-based version of Outlook using Google Chrome, and they see Microsoft extolling the speed and performance of its most recent web browser.
Google announced the pausing of upcoming Chrome and Chrome OS releases earlier this month and revealed that it would focus development on security updates for the time being.
Today, the company released an update in which it confirmed that it has resumed releases with an adjusted schedule.
Google's decision to hide the start of website URLs from Chrome's omnibox was a little controversial. While replacing https://www. and http://www. with icons indicating whether the site was secure or not, many people preferred being about to see that the HTTPS protocol is being used through the presence of those five letters.
If you're one of these people, there's some good news: Google seems to have been listening. Having previously implemented an experimental option to show full URLs on a one-off basis, preview builds of Chrome for macOS, Windows and Linux have a new "Always show full URLs" option.
The effects of the coronavirus pandemic are widespread and varied across the tech world. Streaming video services have been reducing quality to ease the strain on the internet, support for old versions of Windows has been extended, and many brand-new cinema releases have been pirated earlier than normal.
In addition to delaying the end of support for Windows 10 version 1709, Microsoft also says that the COVID-19 crisis will impact on the development of its Edge browser. This means that Edge 80 is the last stable build we're going to see for a while.
If you're home-working or self-isolating because of COVID-19, you might be starting to feel a little lonely. You may be used to getting together with a group of friends for a Netflix session, but such get-togethers are on hold for the time being.
But with a brilliant Chrome extension, you can still get together with friends and family online and watch Netflix together.
The impact of the coronavirus is being felt around the world in many ways. The pandemic is forcing people to work from home, impacting on deliveries and production in addition to being a health threat to many.
Now Google has announced that updates for both Chrome and Chrome OS are currently on pause. While the company does not say that this is a direct consequence of the spread of COVID-19, it says that the delay comes because of "adjusted work schedules at this time".
When Google started to warn Microsoft Edge users about potential security issues to encourage them to switch to Chrome, it seemed as though the browser wars were in full effect once again.
But now Google seems to have realized that displaying the warning to users of Chromium-based Edge is, well, a little petty. The company no long displays such warnings -- a move which could remove an obstacle for those who have been sitting on the fence about switching.
Having embraced the Chromium engine, Microsoft Edge now gives users the chance to install Chrome browser extensions -- but Google would rather you just stick with Chrome in the first place.
The company has start to display warning messages to anyone who has the audacity to visit the Chrome Web Store using Microsoft Edge with a view to downloading extensions. The message advises users that "Google recommends switching to Chrome to use extensions securely" and includes a link to download the browser. The browser wars are back, complete with sneaky underhand tactics.
Google has released a Firefox version of its Lighthouse browser extension, giving developers an easy way to test the performance of websites and web apps.
The open source extension makes use of the PageSpeed Insights API, and the new release brings Firefox in line with Chrome which has had a version of the extension for a few years now. The ultimate aim is to make it easier for developers to improve app and page performance by encouraging better practices.