Security News > 2020 > October > Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users.
Google's latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes - including a critical bug - and a feature that checks if users have any compromised passwords.
All seven high-severity vulnerabilities fixed by Google in Chrome 86 were use-after-free flaws - ranging from ones affecting Chrome's printing, audio, password manager and WebRTC components.
The Android and iOS versions of Chrome 86 will also come with a new security feature, which will send a copy of user's usernames and passwords using a "Special form of encryption." That then lets Google check them against list of passwords known to be compromised.
Google rolled out an iteration of this feature in 2019, when it unveiled the Password Checkup Chrome extension, to alert Chrome browser users of weak or compromised passwords.
News URL
https://threatpost.com/google-chrome-86-critical-payments-bug-password-check/159938/
Related news
- Google Chrome to block admin-level browser launches for better security (source)
- Google fixes Chrome zero-day exploited in espionage campaign (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)