谷歌浏览器发布 v90.0.4430.212 正式版更新 安全修复和稳定性改进[软件使用技术学习]

      日前,谷歌浏览器发布 v90.0.4430.212 正式版更新,这也是Google Chrome第四个维护版本,本次更新主要进行了安全修复和稳定性改进,同时改善用户体验,一起来了解一下。

谷歌浏览器发布 v90.0.4430.212 正式版更新 安全修复和稳定性改进


      Chrome v90.0.4430.212 正式版(2021-05-11)

      谷歌浏览器v90正式版主要更新,引入了许多以用户为中心的功能改进,辅以安全性方面的进一步提升。默认向目标网站链接均启用SSL安全传输协议(HTTPS),全新AV1开源视频编码器的技术支持,高清视频占用大幅减小。新增窗口重命名功能,可重命名已打开的多个窗口,可记住窗口的配置,遇到崩溃重启会自动恢复状态。还有WebXR深度API、启用了URL协议设置程序、效果叠加层、以及安全性方面的诸多改进,比如为了防范缓解NAT Slipstream 2.0攻击,而屏蔽封锁了通过554端口的HTTP/HTTPS/FTP服务器访问。

      谷歌浏览器v89正式版主要更新,修复了一个零日漏洞,建议用户尽快更新。优化了对WebHID、WebNFC和Web Serial等适用于HID设备API的支持,此外NFC和串行设备也被认为可以投入生产使用。还初步为WebRTC添加了对AV1编码的支持。此外桌面端还带来了Web Share和Web Share Target支持以及其他增强功能。

      谷歌浏览器v88正式版主要更新,改进深色主题支持,优化深色模式,覆盖设置、书签、历史、新标签页等更多内部页面的滚动条。停止对FTP的支持,无法使用Chrome作为FTP客户端,不再支持ftp://开头的地址。停止对Mac OS Yosemite的支持,结束对旧版浏览器附加组件的支持,减少请求许可干扰,优化适用于Chrome OS的浅色和深色模式。


      Chrome v90.0.4430.212,此更新包括19个安全修复程序。

      [$3000][1180126] High CVE-2021-30506: Incorrect security UI in Web App Installs. Reported by @retsew0x01 on 2021-02-19

      [$NA][1178202] High CVE-2021-30507: Inappropriate implementation in Offline. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2021-02-14

      [$TBD][1195340] High CVE-2021-30508: Heap buffer overflow in Media Feeds. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-02

      [$TBD][1196309] High CVE-2021-30509: Out of bounds write in Tab Strip. Reported by David Erceg on 2021-04-06

      [$TBD][1197436] High CVE-2021-30510: Race in Aura. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi’anxin Group on 2021-04-09

      [$TBD][1197875] High CVE-2021-30511: Out of bounds read in Tab Groups. Reported by David Erceg on 2021-04-10

      [$TBD][1200019] High CVE-2021-30512: Use after free in Notifications. Reported by ZhanJia Song on 2021-04-17

      [$NA][1200490] High CVE-2021-30513: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2021-04-19

      [$TBD][1200766] High CVE-2021-30514: Use after free in Autofill. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-04-20

      [$TBD][1201073] High CVE-2021-30515: Use after free in File API. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-04-21

      [$TBD][1201446] High CVE-2021-30516: Heap buffer overflow in History. Reported by ZhanJia Song on 2021-04-22

      [$TBD][1203122] High CVE-2021-30517: Type Confusion in V8. Reported by laural on 2021-04-27

      [$NA][1203590] High CVE-2021-30518: Heap buffer overflow in Reader Mode. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2021-04-28

      [$15000][1194058] Medium CVE-2021-30519: Use after free in Payments. Reported by asnine on 2021-03-30

      [$10000][1193362] Medium CVE-2021-30520: Use after free in Tab Strip. Reported by Khalil Zhani on 2021-04-03

      [1207457] Various fixes from internal audits, fuzzing and other initiatives





上一篇 2024年5月25日
下一篇 2024年5月25日
