Google has updated Chrome’s desktop browser for Windows, Mac, Linux, pushing it to 90.4430.93. It also fixed nine security problems, three of which are worthy of the “High” severity ratings.
This update is not for vulnerabilities that hackers are actively exploiting, as there have been no security updates to Chrome in the past two weeks. The bad guys are often able find vulnerabilities by inspecting changes made to the code. Therefore, Chrome should be updated immediately.
Windows and Mac: Click the three vertical dots located at the top of the browser window. Next, scroll down to highlight Help. Then, select “About Google Chrome” from the fly-out menu.
This will bring up a new tab. The browser will then tell you whether your Chrome version has been updated or if you need to download the newer version.
Linux users are usually required to wait until Chrome updates for Linux distributions become available.
Brave and Edge click on the settings icon. Scroll to the bottom and find “About.” Opera and Vivaldi will open in Opera.
However, Brave is now compatible with Chrome’s version 90.0.4430.93.
Opera still used Chromium 90.4430.85 for its base, while Vivaldi relied upon Chromium 89.0.4389.128 for Vivaldi. Edge does not use the same version numbers. If you enter “edge://version”, it tells you its current version, which is Chromium 90.4430.85.
Kids, stay in your sandbox.
Chrome 10 fixes the worst flaws in Chrome 10.
This flaw can also be applied to other browsers if the browser is set up for “sandboxing”. In that case, it can take control of the computer’s operating systems.
Gengming LIU, researcher from Singular Security Lab revealed the bug to Google on April 15. He’ll be getting $15,000 as “bug bounty”, for sharing his findings.
Most Chromium web browsers include sandboxing enabled by default. Some desktop applications, like those that use Chromium for Slack or Discord as well, including Spotify, Bitwarden (Slack), Spotify, Bitwarden), WhatsApp, Twitch and Microsoft Teams, Skype and others, might have sandboxing off. Be sure to keep your eyes open for any new developments for these apps.
Google does not reveal in-house flaws. A use-after free memory vulnerability was discovered by a Microsoft researcher in Dev Tools. There is also a heap-buffer Overflow in the ANGLE graphic engine. More information on these flaws was not made available.
According to our counting, it is the eighth Chrome browser security update over the past 2 months. This also marks the 4th Chrome for desktop security updates in the last 2 weeks. Chrome/Chromium has certainly been busy. It is safe to say that they have succeeded.
You can find a complete list of Chrome/Chromium latest updates here if that interests you.