Google released a new stable version of Chrome earlier this week, pushing its Internet browser to version 64. Some of the most notable additions to the program are new protections against Meltdown and Spectre, a pair of recently discovered vulnerabilities that gained a lot of publicity in the industry due to the broad range of their security implications, i.e. the fact that they could potentially compromise hundreds of millions of devices by virtue of the fact that they aren't software exploits but specifically target processors. While the Mountain View, California-based tech giant already started implementing some protections against the vulnerabilities in recent weeks, it now introduced an additional mechanism meant to disable the SharedArrayBuffer functionality and prevent potential attacks.
While the latest additions are only expected to directly benefit a smaller number of Chrome users, they should ultimately make the browser more secure. As far as Chrome OS is concerned, the majority of Chromebook owners are already relatively protected against Spectre and Meltdown due to the recent inclusion of KPTI mitigation support. While a small number of older Chrome OS devices has yet to be patched, Google and their manufacturers are expected to secure them in the coming weeks. Chrome 64 debuts a wide variety of other security fixes, listing 53 of them in total as resolved, not counting those which weren't reported by independent researchers. The issues addressed by the latest update range from WebGL URL leaks to insufficient security requirements in some use cases of the autofill functionality. Besides the mechanisms meant to offer additional protection against Meltdown and Spectre, none of the other fixes deal with high-profile issues, though many of them were categorized as severe vulnerabilities. The Alphabet-owned company thanked all security researchers who identified and reported the problems addressed as part of the latest Chrome build, revealing that it paid out over $20,000 in bug bounties that led to fixes included in the latest update.
Google's internal auditing also led to some additional patches added to Chrome 64, with more than a dozen of them being categorized as being high-risk in nature. On the user side of things, the 64.0.3282.119 build boasts HDR support for Windows devices with HDR-ready screens and graphics cards. Permanent website muting is also part of the package on desktops now, being just a single right mouse click away.