Security Update For Google Chrome - Mayb 2020
The Latest update for google chrome was released Chrome 83 yesterday, and with it came numerous features such as a new Incognito cookie control, a Security check feature, new Security settings page, the Tabs Group feature, a new extensions menu, and redesigned cookie controls.
The problem, though, is that many of these features in this massive update for google chrome have not been enabled yet by Google and will be slowly rolled out over time.
If you are like me and want to play with all the new goodies, the good news is that you can use some Chrome flags to enable these features now.
Update For Google Chrome: Enable New Security settings and Safety check
Chrome 83 comes with a redesigned Security settings page and a new Safety Check feature that are currently disabled.
To enable these features right now, follow these steps:
- Paste chrome://flags/#privacy-settings-redesign into the address bar and press enter.
- When the ‘Privacy Settings Redesign’ flag is shown, set it to Enabled and relaunch the browser when prompted.
After restarting the browser, you will now have access to the Safety Check feature and the new Security settings section under Privacy and Security or at chrome://settings/security.
The Latest Update For Google Chrome – Enable third-party cookie controls in Incognito mode
With the release of Chrome 83, Google has started to block third-party cookies by default in Incognito mode and have added a new user interface toggle to control it.
To enable this Incognito mode cookie control setting, please follow these steps:
- Pastechrome://flags/#improved-cookie-control into the address bar and press enter.
- When the ‘Enable improved cookie controls UI in incognito mode’ flag is shown, set it to Enabled and relaunch the browser when prompted.
When the flag is enabled, you will now see a new option to ‘Block third-party cookies’ in Incognito mode, which will be enabled by default.
Enable the new extensions menu
When installing a new extension, they will no longer display on the toolbar but will instead be located under the new extension menu. This menu can be accessed by clicking on the jigsaw puzzle icon that will appear on your toolbar.
To enable this the new extension menu, please follow these steps:
- Pastechrome://flags/#extensions-toolbar-menu into the address bar and press enter.
- When the ‘Extensions Toolbar Menu’ flag is shown, set it to Enabled and relaunch the browser when prompted.
When the flag is enabled, if you have any extensions installed, you will see a new jigsaw puzzle icon on the toolbar. Clicking on this icon will open the extension menu.
Enable the Tab Groups feature
With the release of Chrome 83, Google has released its Tab Groups feature that lets you organize tabs into different groupings.
The tabs in these groups can then be moved around as one whole group or sent to a new browser window.
To enable the Tab Group feature, follow these steps:
- Pastechrome://flags/#tab-groups into the address bar and press enter.
- When the ‘Tabs Groups’ flag is shown, set it to Enabled and relaunch the browser when prompted.
When the flag is enabled, if you right-click on a tab, you will be able to add it to a new group or an existing group. You can then manage the group by clicking on its label, as shown below.
As more flags are discovered or added by Google, we will be sure to update this article.
Google rolls out new Enhanced Safe Browsing security feature
The latest update for google chrome also features a new Enhanced Safe Browsing feature that will offer real-time protection against known malicious web sites and downloads.
Since 2007, Google has offered the Safe Browsing feature to protect users from malicious web sites and files that contain malware, display phishing pages, or attempt to install malicious files.
Since its release, numerous browsers, including Google Chrome, Firefox, and Safari, utilize this security feature to protect their users from online threats.
How Safe Browsing works
The latest update for Google Chrome uses Safe Browsing by downloading lists of known malicious sites and saving them locally. When a user visits a web site or downloads a file, Chrome will check the URL against the locally stored Safe Browsing databases and block it if it is known to be malicious.
When visiting URLs that are contained in the local lists, the browser will send a hashed partial URL fingerprints back to Google to confirm if it is malicious.
If it is, Google will display a warning interstitial, as shown below.
The problem with Safe Browsing is that new malicious websites and downloads are created all the time, and outdated locally stored Safe Browsing lists may miss new threats.
“Safe Browsing’s blocklist API is an existing security protocol that protects billions of devices worldwide. Every day, Safe Browsing discovers thousands of new unsafe sites and adds them to the blocklist API that is shared with the web industry. Chrome checks the URL of each site you visit or file you download against a local list, which is updated approximately every 30 minutes. Increasingly, some sophisticated phishing sites slip through that 30-minute refresh window by switching domains very quickly,” Google explained in the announcement.
Enhanced Safe Browsing Protection was developed to fix these shortcomings and strengthen protections.
The Latest Update To Google Chrome – Enhanced Safe Browsing brings real-time protection
With today’s release of the Enhanced Safe Browsing protection feature, Chrome users will now be able to get real-time protection when browsing the web and downloading files.
With this feature, when you browse a site or download a file, Chrome will share additional information with Google Safe Browsing so it can check URLs for malicious activity.
The use of this feature, though, does come with a small sacrifice in privacy as “Chrome will also send a small sample of pages and suspicious downloads to help discover new threats against you and other Chrome users.”
Furthermore, states that if you are signed into Chrome and are using Enhanced Safe Browsing, the transferred data is linked temporarily to your Google account to detect if an attack if targeting your browser or account.
“If you are signed in to Chrome, this data is temporarily linked to your Google Account. We do this so that when an attack is detected against your browser or account, Safe Browsing can tailor its protections to your situation. In this way, we can provide the most precise protection without unnecessary warnings. After a short period, Safe Browsing anonymizes this data so it is no longer connected to your account,” Google stated.
If you are willing to sacrifice some of your browsing data for a short period for better protection, then Enhanced Safe Browsing is an option that you should enable.
With today’s release of Chrome 83, users can enable Enhanced Safe Browsing protection by going to chrome://settings/security and selecting it.
This feature is brand new and currently rolling out to Chrome 83 users.
If you are unable to access the chrome://settings/security page, please be patient while the feature is rolled out to everyone.
The Latest Update for Google Chrome 83 released with massive security and privacy upgrades
Google has released Chrome 83 today, May 19th, 2020, to the Stable desktop channel, and it includes massive security and privacy enhancments as well as some long awaited features.
In this massive release, users are getting a redesigned Privacy and security settings section, better control over cookies, a new Safety Check feature, improved DoH settings, new Enhanced Safe Browsing feature. Tab Groups, and more.
With Chrome 83 now being promoted to the Stable channel, Chrome 84 will soon be promoted to the Beta version, and Chrome 85 will be the Canary version.
As you may have realized, Google did not release Chrome 82, and instead decided to skip that version due to the pandemic and roll all of its changes into Chrome 83.
Windows, Mac, and Linux desktop users can upgrade to Chrome 83 by going to Settings -> Help -> About Google Chrome. The browser will then automatically check for the new update for google chrome and install it when available.
Massive security overhaul for the latest update for Google Chrome users
While Google fixes security vulnerabilities in every release of the Chrome browser, most of these security improvements are made behind the scenes.
With this release, Google Chrome 83 has completely overhauled the user-facing security protections with numerous improvements that aim to help users secure their data, stay safe online, and increase their privacy.
It is important to note that most of the improved security features will be rolling out to users over the next couple of weeks.
If you do not see them immediately, be patient as they will be eventually enabled in your browser.
Easier security and privacy controls
All of the privacy and cookie settings have been reorganized to make it easier to find and configure the browser for enhanced privacy.
The sync controls are now renamed to “You and Google” and allow you to specify what data you share with Google to store in your Google account and what data is synchronized between devices.
To make it easier to clear your browsing history, Google has also moved the ‘Clear browsing data’ option to the top of the ‘Privacy and security’ settings section to make it more accessible.
The biggest change, though, is a completely redesigned cookie management interface that gives easier control over what cookies you will allow.
Finally, Google will block third-party cookies by default in Incognito mode.
“While we continue to work on our long-term effort to make the web more private and secure with Privacy Sandbox, we want to strengthen the Incognito protections in the meantime. In addition to deleting cookies every time you close the browser window in Incognito, we will also start blocking third-party cookies by default within each Incognito session and include a prominent control on the New Tab Page. You can allow third-party cookies for specific sites by clicking the “eye” icon in the address bar,” Google announced.
New Safety check feature in Chrome
Google has added a new ‘Safety check’ feature that will perform a checkup of the browser and your saved data to make sure it is secure and has not been compromised.
As part of this Safety check, Google Chrome will check if any of your saved credentials were compromised in a data breach, if you’re using the latest version of the browser, if Safe Browsing is enabled, and if you have any malicious extensions installed.
Secure DNS: Redesigned DNS-over-HTTPS (DoH) settings
Chrome has redesigned its DNS-Over-HTTPS settings in a new dedicated ‘secure DNS’ section under Privacy and security > More.
Using this new interface, a user can enable DoH and use it with their existing DNS provider, if available, or select one that is preconfigured in Google Chrome.
Enhanced Safe Browsing Protection released
The final security feature in Chrome 83 is the introduction of a new opt-in ‘Enhanced safe Browsing Protection‘ mode.
When enabled, Google will perform real-time checks of URLs that you visit to check for known threats.
As Safe Browsing normally checks against a local database of malicious URLs and files, by using a real-time check, you gain better protection from the latest known malicious web sites and malicious software.
“If you turn on Enhanced Safe Browsing, Chrome proactively checks whether pages and downloads are dangerous by sending information about them to Google Safe Browsing. If you’re signed in to Chrome, then Chrome and other Google apps you use (Gmail, Drive, etc.) will further protect you based on a holistic view of threats you encounter on the web and attacks against your Google Account. Over the next year, we’ll be adding even more protections to this mode including tailored warnings for phishing sites and file downloads, and cross-product alerts,” Google stated in their blog post.
Always show full urls option
Many, though, prefer to see a full URL of a web page they are visiting in the address bar.
With the release of Chrome 83, users can now enable a ‘Context menu show full URLs’ flag that lets you enable the showing of full URLs when browsing the web.
To enable this feature, go to chrome://flags/#omnibox-context-menu-show-full-urls and enable the feature. Once enabled, and the browser is restarted, you can right-click on the address bar and a new option can be checked titled ‘Always show full URLS’.
Tab groups have arrived
Google has been testing a new feature called ‘Tab Groups’ that allows you to add various tabs to a named group so that they are better organized.
These groups can then be moved around as one item or sent to another window.
This feature is now live in Google Chrome 83.
New browser extensions menu
To add more real estate to the Chrome toolbar, Google has moved the extensions into a new drop-down menu accessed through a new jigsaw puzzle icon.
When you click on this puzzle icon, a menu will drop down listing all of your extensions and allows you to manage them.
Each extension will then have a dedicated submenu where you can remove it, configure its options, or pin it to the toolbar.
As you can see, this is a huge update for google chrome that adds numerous features to make the web browser experience more secure.
As many of these features are still rolling out, please do not be concerned if you do not see them immediately.
The latest update for google chrome – 38 security vulnerabilities fixed
The Chrome 83 release fixes 38 security vulnerabilities, with the following discovered by external researchers:
|CVE-2020-6465||Use after free in reader mode.||High|
|CVE-2020-6466||Use after free in media.||High|
|CVE-2020-6467||Use after free in WebRTC.||High|
|CVE-2020-6468||Type Confusion in V8.||High|
|CVE-2020-6469||Insufficient policy enforcement in developer tools.||High|
|CVE-2020-6470||Insufficient validation of untrusted input in clipboard.||Medium|
|CVE-2020-6471||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6472||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6473||Insufficient policy enforcement in Blink.||Medium|
|CVE-2020-6474||Use after free in Blink.||Medium|
|CVE-2020-6475||Incorrect security UI in full screen.||Medium|
|CVE-2020-6476||Insufficient policy enforcement in tab strip.||Medium|
|CVE-2020-6477||Inappropriate implementation in installer.||Medium|
|CVE-2020-6478||Inappropriate implementation in full screen.||Medium|
|CVE-2020-6479||Inappropriate implementation in sharing.||Medium|
|CVE-2020-6480||Insufficient policy enforcement in enterprise.||Medium|
|CVE-2020-6481||Insufficient policy enforcement in URL formatting.||Medium|
|CVE-2020-6482||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6483||Insufficient policy enforcement in payments.||Medium|
|CVE-2020-6484||Insufficient data validation in ChromeDriver.||Medium|
|CVE-2020-6485||Insufficient data validation in media router.||Medium|
|CVE-2020-6486||Insufficient policy enforcement in navigations.||Medium|
|CVE-2020-6487||Insufficient policy enforcement in downloads.||Low|
|CVE-2020-6488||Insufficient policy enforcement in downloads.||Low|
|CVE-2020-6489||Inappropriate implementation in developer tools.||Low|
|CVE-2020-6490||Insufficient data validation in loader.||Low|
|CVE-2020-6491||Incorrect security UI in site information.||Low|
👇Subscribe To Our Podcast For The Latest Updates👇
👇Do contact Privacy Ninja for the following services👇
★☆★ CONNECT WITH PRIVACY NINJA ON SOCIAL MEDIA ★☆★