By Click&Clean - Friday, July 17, 2020. Several days ago, Google released the latest version of its Google Chrome browser, Chrome 84, to the official stable channel for Windows, Mac, Linux, Android, and iOS.
This major release includes a total of 38 security patches. These fixes addressed one critical vulnerability, 9 high-risk bugs, 18 medium-severity issues, and 10 flaws that were highlighted as low-risk vulnerabilities.
Google Chrome 84 resolves heap buffer overflows, memory corruptions, improperly implemented security checks for standard, type confusion issues, use-after-free vulnerabilities, improper access control issues, cryptographic issues, out-of-bounds read and write issues, spoofing attacks, and security restrictions bypasses, all of which could become vulnerabilities for code execution attacks. Google plans to roll out the upgrade over the coming days and weeks, but we recommend that you do not wait and instead update your Chrome web browser immediately by clicking the button above.
In Chrome 84, Google removed support for the TLS 1.0 and 1.1 secure communication protocols, which were planned to be removed in Chrome 81, but this was postponed due to the COVID-19 pandemic.
With this release, Chrome will display warnings to users if they initiate a download over an insecure HTTP connection, and starting with Chrome version 88, Google plans to completely block insecure downloads.
Another security-oriented feature that is included with Chrome 84 is blocking intrusive notifications and other permission requests from fraudulent websites. Google is now trying to stop their distribution.
Over the past few releases, Google has been actively working to reduce CPU and power consumption to conserve resources when the page is not being viewed. With Chrome 84, this feature will appear for some users.
In addition, starting with this release, Chrome will confirm the decision with users if an extension changes the default search engine or the New Tab page.
This release also introduces numerous new APIs, such as Screen Wake Lock API, Web OTP (one-time password) API, Web Animations API, QuicTransport API, and Content Indexing API, which allow web developers to interact more with the operating system.