Thursday, March 18, 2010

GOOGLE UPGRADES CHROME ACROSS THE BOARD


Google has updated the Chrome browser for most of its multiple versions on all platforms in the past few days, although most of the updates have been minor. However, high-priority security fixes have been made to the stable version of Chrome.

Five security fixes labeled "high" have been applied to the stable Windows version of Chrome, including a fix for a bug that was discovered by Sergey Glazunov. He has received the first $1,337 Chromium Security Reward for the discovery. The security fixes include plugging holes in tab sandboxing, memory errors occurring with malformed SVG images, integer overflows in WebKit JavaScript objects, and an cross-origin bypass error. One security fix applied to the Chrome beta plugged a hole created by memory errors in empty SVG elements.

One new feature in the stable version since the upgrade to v4 has been disabled. The experimental anti-reflected-XSS feature XSS Auditor was disabled because of rare but "serious performance issues," according to the release notes.

The Windows beta version now includes the translate infobar, for automatic page translation using Google's translate function when you visit a Web site with a different language than your system default.

The Chrome dev channel has been updated for Windows, Mac, and Linux. Google says that users on all three platforms should see significant improvements in the performance of the autofill feature. Mac OS X dev channel users have also received many fixes to the bookmark bar, but that users will still experience significant problems with their bookmark folders for now. A fix is coming, say Google's release notes.

Google's Internet Explorer booster add-on, Chrome Frame, has also several repairs. Chrome Frame now uses IE's default pop-up blocker, and clicking one link with both mouse buttons will no longer crash the browser. Note that Chrome Frame is still considered experimental, and isn't recommended for casual use.

No comments: