![]() Last but not least, starting with v67, Google has dropped support from Chrome for the HTTP-Based Public Key Pinning (HPKP) standard. The protocol was formally announced last month, and Mozilla beat Google by adding WebAuthn in Firefox a few weeks back with the release of Firefox 60. ![]() With new Meltdown and Spectre variations revealed last week, the feature is more than welcomed, even if it wasn't originally developed to deal with CPU bugs.Ĭhrome 67 is also the first Chrome version that supports the new WebAuthn passwordless authentication protocol. Google has been using the Strict Site Isolation feature to mitigate the effects of the Meltdown and Spectre flaws. Similar to last month, Google has continued to roll out the Strict Site Isolation feature to more users, on more platforms. Just like Google Chrome 66, this month's v67 also ships with loads of security-related changes. Details on what flag you need to edit are available in our previous coverage, here. Last but not least, users of Chrome 67 can now flip a Chrome flag to enable and test Chrome's new UI. ![]() Developers can use this API to build virtual and augmented reality experiences on Chrome for mobile-based VR headsets like Google Daydream View and Samsung Gear VR, as well as desktop-hosted headsets like Oculus Rift, HTC Vive, and Windows Mixed Reality Headsets. This API is meant primarily for mobile use, and in its current version, websites can use Chrome's Generic Sensors API to access data from a device's accelerometer, gyroscope, orientation and motion sensors.Īnother API that shipped with Chrome is the WebXR Device API. Intel, the company whose engineers proposed the API, has a website devoted to demonstrations of the sensor APIs with sample code available for download. The new API is based on the Generic Sensor W3C standard. As the name implies, this is an API that exposes data from device sensors to public websites. Probably the biggest change in Chrome 67 is the addition of the Generic Sensors API. As of today, the Chrome stable version number is v.62. Users can update to the latest version via their browser's auto-update system in the "Help > About Google Chrome" section. According to changelogs released with Chrome 67, this version adds support for a Generic Sensors API, improves AR and VR experiences, and deprecates the HTTP-Based Public Key Pinning (HPKP) security feature. Pro vs.Google released earlier today Chrome 67, the latest stable release of its web browser. Grammarly’s new ChatGPT-like AI generator can do a lot more than proofread your writing If you use this free password manager, your passwords might be at risk Ranking all 12 versions of Windows, from worst to best These are the new AI features coming to Gmail, Google Docs, and Sheets By default, Chrome is on the Stable channel, which is best for most users and is least likely to have problems. The Chrome Stable channel on Windows and Extended Channel on both Windows and Mac require the update. If the latest version is already installed, no update is necessary, and not every computer is affected. If an update button appears, click it, then relaunch the app to finish and secure the browser from attacks. In most cases, Chrome will automatically start the update process so that only a relaunch is required to finish the installation. In the Help menu, choose About Chrome to see information about the browser. To install the latest version of Google Chrome on Windows or Mac, open the app and click the three vertical dots at the top-right to see more options. It would be best to enable automatic Chrome updates while on the *About Chrome* page to get these problems taken care of as soon as possible. This is the fourth Chrome zero-day bug fixed this year, with previous fixes arriving in February, March, and April, signaling an increase in hacking attempts. Will my computer automatically update for daylight saving time? Microsoft’s Bing Chat: how to join the waitlist now The exploit may allow arbitrary code execution on your desktop, which has the potential to give hackers full access to your PC. Dennizn/ShutterstockĪlthough details are scarce, the exploit is being used by hackers in the wild, so we recommend updating Chrome immediately. The most severe bug is identified as CVE-2022-2294 and the update also patches CVE-2022-2295 and CVE-2022-2296. Google did not post a detailed explanation of how the exploit works, but will do so when the majority of people have updated, making the danger of further attacks less severe. Zero-day bugs mean that this is a known weakness and, in this case, Google said that the flaw is already being exploited by hackers. The flaw can lead to arbitrary code execution, a serious security vulnerability, so it’s best to download and install the latest version immediately. The problem affects Chrome on Windows, Mac, and Android. Google posted a security update for its Chrome browser that fixes what’s known as a zero-day bug.
0 Comments
Leave a Reply. |