Google has recently released the new version of Chrome 72 for your mobile and desktop users and the updated web browser brings a host of security enhancements along with new developer features.
This new version of Chrome 72 gets a new Settings menu, improvements to the web authentication API, complete blocking of pop-ups while downloading pages, and more.
In addition to innovations and bug fixes, 58 vulnerabilities were fixed in the new version.
Many of the vulnerabilities identified by the automated testing tools AddressSanitizer, MemorySanitizer, integrity check flow, LibFuzzer, and the AFL.
One of the issues (CVE-2019-5754) is marked critical, meaning it allows you to bypass all levels of browser protection and run code on the system outside of the sandbox environment.
This vulnerability is due to a bug in the implementation of the QUIC protocol (details not provided yet).
As part of the cash rewards program for detecting vulnerabilities for the current version, Google paid out 34 prizes worth $ 50.5 thousand (one of $ 7,500 and $ 4,000, two prizes of $ 5000, six prizes of $ 3000, two prizes of $ 2000, five prizes of $ 1000 and four bonuses of $ 500).
Chrome 72 Features
Starting with Chrome 72, the ability to configure a Chromecast dongle is removed with the desktop browser and instead direct users to the Google Home app for Android and iOS.
Previously, users could go to chrome: // cast to configure their dongle, but that ability has been removed.
Another feature to highlight in the desktop version of the browser is that The ability to view videos over content in Picture-In-Picture mode has been enabled by default, which allows you to separate the video in the form of a floating window, which remains visible when navigating in the browser.
To watch a YouTube video in this mode, just double click on the video with the right mouse button and select the "Picture-in-Picture" mode.
Video disconnection only works when using the Picture-in-Picture API on the site, for sites not adapted for the new mode, a complement external.
In this new version of Chrome 72 protection is enabled by default against attempts to run third-party code within Chrome processes.
An exception is only made for Microsoft digitally signed code and systems for people with disabilities.
Similar code substitutions are seen on 2/3 of Windows systems and as a general rule, they are done using antivirus.
According to statistics, these manipulations lead to a decrease in job stability and cause 15% of all observed failures in the browser.
Instead of substituting code in the processes that are started, use the accessories and the API native messaging .
When opening sites with TLS 1.0 / 1.1, a special warning about using the deprecated version of TLS is now displayed.
By default, plans that the Support for TLS 1.0 / 1.1 ends in Chrome 81, which is expected in January 2020, but the setting that allows you to return TLS 1.0 / 1.1 will remain until January 2021.
Settings menu gets AutoComplete support for its sections, and there is also a shortcut in the People section that allows you to open the Google account settings directly.
Chrome 72 also brings improvements to the web authentication API for an additional layer of security. Now allows users to log in with a security key, Bluetooth U2F keys, or other security methods.
Web Authentication API adds support for on-site authentication using tokens and biometric sensors.
How to get Google Chrome 72?
For all those Users of this web browser, they will only have to wait for their browser to show the available update in order to perform it.
While for those who are interested in being able to install this browser on their systems, they can visit lto the official website of the browser where you can find the packages available for installation.