Security News

Google has stepped up its effort against websites that have a history of sending abusive notification content, by blocking notification permission requests in Chrome 86. This is the latest step Google has taken in this direction, after the introduction of the quiet notification permission UI in Chrome 80 and the automatic enrollment in the quiet notification UI for websites that display abusive notification permission requests starting with Chrome 84.

Google has added a new feature to Chrome 86 that aims to stomp out abusive notification content. Google first implemented controls that went against abusive notifications with Chrome 80, when it introduced a "Quiet notification permission UI" feature.

A trip to the About Chrome or About Chromium dialog should give the version identifier 86.0.4240.111. If you're in the habit of rarely shutting down your computer, or even of rarely exiting from your browser, now would be a good "Rare moment" to give Chrome a chance to ingest the update.

Starting with Chrome 86, Google is automatically hiding website notification spam on sites showing a pattern of sending abusive notification content to visitors. "Our goal with these changes is to improve the experience for Chrome users and to reduce the incentive for abusive sites to misuse the web notifications feature."

Google released an update to its Chrome browser that patches a zero-day vulnerability in the software's FreeType font rendering library that was actively being exploited in the wild. Security researcher Sergei Glazunov of Google Project Zero discovered the bug which is classified as a type of memory-corruption flaw called a heap buffer overflow in FreeType.

A Chrome 86 update released by Google on Tuesday patches several high-severity vulnerabilities, including a zero-day that has been exploited in the wild. The actively exploited vulnerability is tracked as CVE-2020-15999 and it has been described as a heap buffer overflow bug affecting FreeType, a popular software library for rendering fonts.

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Without revealing technical details of the vulnerability, the technical lead for Google's Project Zero Ben Hawkes warned on Twitter that while the team has only spotted an exploit targeting Chrome users, it's possible that other projects that use FreeType might also be vulnerable and are advised to deploy the fix included in FreeType version 2.10.4.

Google has released Chrome 86.0.4240.111 today, October 20th, 2020, to the Stable desktop channel to address five security vulnerabilities, one of them an actively exploited zero-day bug. "Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild," the Google Chrome 86.0.4240.111 announcement reads.

A bug in the latest release of Chrome, and other Chromium-based browsers, is causing random debug. Log files to be created on user's desktops and other folders.

Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users. Google's latest version of its browser, Chrome 86, is now being rolled out with 35 security fixes - including a critical bug - and a feature that checks if users have any compromised passwords.