Mozilla developers have warned that sites may experience problems with the upcoming versions of Firefox 100 and Chrome 100 (released May 3 and March 29, 2022). The fact is that the release of new versions will mean that the user-agent values will become three-digit. The user-agent string contains information such as the name of the… Continue reading Firefox 100 and Chrome 100 may have user-agent issues
Tag: Google Chrome
Google developers told how they will implement Manifest V3
This week, Google developers shared their plans to bring the infamous Manifest V3 to full functionality, which became available in the beta version of Chrome 88. Let me remind you that for the first time talks about Manifest V3 started in 2018. Then the developers of Google announced that they intend to limit the work… Continue reading Google developers told how they will implement Manifest V3
SpookJS Attack Allows to Bypass Site Isolation In Google Chrome
A group of scientists from universities in Australia, Israel and the United States have presented a side-channel attack that allows recovering data from Google Chrome and Chromium-based browsers protected by the Site Isolation function. The attack is dubbed Spook.js (or SpookJS), which is a direct reference to the Meltdown and Specter processor vulnerabilities discovered in… Continue reading SpookJS Attack Allows to Bypass Site Isolation In Google Chrome
Google stopped trying to shorten URLs in the address bar
Google’s experiment with attempt to shorten URLs (hiding parts of the URL from the address bar) has finally failed and was finished. Let me remind you that in recent years, Chrome developers have returned to this topic more than once. For example, back in 2018, developers tried to make the browser interface simpler and more… Continue reading Google stopped trying to shorten URLs in the address bar
Chrome 90 gets new security feature to protect against attacks on Windows 10
Google has introduced a new Windows 10 security feature called Hardware-enforced Stack Protection in its Chrome 90 browser to protect the memory stack against cyberattacks. Microsoft introduced Hardware-enforced Stack Protection in March 2020. The feature is designed to defend against Return-Oriented Programming (ROP) attacks. To do this, Hardware-enforced Stack Protection uses processor hardware to protect… Continue reading Chrome 90 gets new security feature to protect against attacks on Windows 10
Google fixed another major vulnerability in the V8 engine
A series of feverish fixes for problems in Google Chrome continues, this time Google has fixed a major vulnerability related to the operation of the JavaScript engine V8 in the browser. The vulnerability that received an identificatory number CVE-2021-21227 and was assessed as having a high severity level. The vulnerability was reported by the researcher… Continue reading Google fixed another major vulnerability in the V8 engine
Chrome again frantically fixes 0-day vulnerabilities
Google has released a new version of Chrome for Windows, Mac and Linux, in which developers are patching two recently discovered 0-day vulnerabilities. According to the company, exploits are already available for these bugs. Problems received identifiers CVE-2021-21206 and CVE-2021-21220. The CVE-2021-21206 vulnerability was discovered in the V8 JavaScript engine and is related to the… Continue reading Chrome again frantically fixes 0-day vulnerabilities
Researcher discovered that Chrome Sync function can be used to steal data
Croatian researcher Bojan Zdrnja discovered a malicious Chrome extension abusing Chrome Sync. If you do not use Chrome, let me remind you that this function is applied to synchronize data between different user’s devices, and stores copies of all user bookmarks, browsing history, passwords, as well as browser settings and browser extensions on Google cloud… Continue reading Researcher discovered that Chrome Sync function can be used to steal data
Google says that a quarter of all 0-day vulnerabilities are new variations of old problems
Google analysts studied the 0-day vulnerabilities they discovered in 2020, and concluded that almost a quarter of the problems are new variations of already known bugs that had previously received patches. The authors of the report write that many problems could have been avoided if the developers immediately corrected their products more thoroughly. In 2020,… Continue reading Google says that a quarter of all 0-day vulnerabilities are new variations of old problems
Heavy ad blocker started working in the Google Chrome
Earlier this year, Google Chrome developers announced about adding of a so-called heavy ad blocker. This is a mechanism that will detect and unload advertisements that consume too many system resources (creating unnecessary load on the processor, network bandwidth, and so on). Then Google engineers wrote that “heavy” advertising can significantly reduce the battery life… Continue reading Heavy ad blocker started working in the Google Chrome