Security News

Google Chrome has suddenly started crashing yesterday for many Windows users worldwide making the browser unusable. As first reported by Windows Latest, starting yesterday morning, users began reporting that Google Chrome extensions and tabs suddenly began crashing while using the browser.

In the latest move to improve the privacy of the Chrome browser, Google is adding support for a new HTML tag that prevents user tracking by isolating embedded content from the page embedding it. To prevent this, Google is adding a new form of embedded iframe called a "Fenced frame" to isolate the embedded content and not allow it to see the user data of the embedding page.

Google Chrome now hinders attackers' efforts to exploit security bugs on systems with Intel 11th Gen or AMD Zen 3 CPUs, running Windows 10 2004 or later. This is possible after the adoption of Intel's Control-flow Enforcement Technology, supported on Windows 10 computers through an implementation known as Hardware-enforced Stack Protection which adds enhanced exploit protection to all compatible devices.

As more companies and independent developers are switching to Progressive Web Apps as their preferred solution for native apps, Microsoft and Google are slowly adding new PWA features to improve the web apps experience on Windows and other platforms. For those unaware, Progressive web app, or PWA, is the latest web technology that allows anyone to use web sites as native mobile or desktop apps.

Google's Chrome browser has several security vulnerabilities that could pave the way to multiple types of attacks, including a V8 bug that could allow remote code execution within a user's browser. Liu told SecurityWeek that the bug is somewhat mitigated by the fact that it doesn't allow attackers to escape the sandbox where Chrome runs, meaning attackers can't reach any of the other program, data and applications on the computer.

Google late Tuesday shipped another urgent security patch for its dominant Chrome browser and warned that attackers are exploiting one of the zero-days in active attacks. This is the fourth in-the-wild Chrome zero-day discovered so far in 2021 and the continued absence of IOC data or any meaningful information about the attacks continue to raise eyebrows among security experts.

Google makes it easy to share text with friends and colleagues with a new Chrome 90 feature that lets you create links to selected text on a web page. This new feature is rolling out now in Chrome 90 and is built on top of Google's "Scroll-To-Text using a URL fragment" feature that they introduced earlier this year and is only available in Chrome.

Google has released Chrome 90 today, April 14th, 2021, to the Stable desktop channel, and it includes security improvements, a new AV1 encoder, and the default protocol changed to HTTPS. Chrome 90 fixes 37 security bugs, including a zero-day used at the Pwn2Own competition and publicly released Monday on Twitter. Today, Google promoted Chrome 90 to the Stable channel, Chrome 91 as the new Beta version, and Chrome 92 will be the Canary version.

A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. A zero-day vulnerability is when detailed information about a vulnerability or an exploit is released before the affected software developers can fix it.

A security researcher has dropped a zero-day remote code execution vulnerability on Twitter that works on the current version of Google Chrome and Microsoft Edge. While Agarwal states that the vulnerability is fixed in the latest version of the V8 JavaScript engine, it is not clear when Google will roll out the Google Chrome.