Google Chrome 71 Touts 43 Fixes, Fights Ad Abuse – Threatpost

0
1
Google Chrome 71 Touts 43 Fixes, Fights Ad Abuse – Threatpost

The browser comes with a new set of protections to block pop-ups that could lead to ‘abusive experiences.’

Google officially lifted the curtain on Chrome 71 for Windows, Mac and Linux on Tuesday. The latest browser version touts new security features and a slew of fixes.

Overall, Google issued 43 patches with the security update for Chrome 71. The newest version, 71.0.3578.80, included an array of high severity bug fixes as well. The browser version also claims to block out “abusive experiences” with an update to the existing Chrome ad blocker feature.

Bug fixes include a patch for an out-of-bounds write flaw (CVE-2018-17480) in Chrome’s V8 open-source JavaScript engine; a use after free vulnerabilities (CVE-2018-17481 and CVE-2018-18336) in Google’s PDF software library (PDFium); and a heap buffer overflow (CVE-2018-18341) in Google’s browser engine Blink used in Chrome.

“The Chrome team is delighted to announce the promotion of Chrome 71 to the stable channel for Windows, Mac and Linux,” the company said in a Tuesday post. “This will roll out over the coming days/weeks… Chrome 71.0.3578.80 contains a number of fixes and improvements.”

In addition to security fixes, Chrome 71 also provides “further protections from harmful ad experiences on the web” with an expanded ad blocker, Google revealed earlier in November.

These “harmful experiences” include those “designed to intentionally mislead and trick users into taking action on the web,” said Google in November. For instance, a victim could click on a pop-up and be redirected to a potential malicious page.

Image courtesy of Google

Google had in 2017 launched a set of protections blocking pop-ups and new window requests from sites with certain abusive experiences that included redirecting pages. Chrome 71 takes those protections a step further by removing all ads on the small number of sites with “persistent abusive experiences.”

The new feature will motivate site owners to check and see if their websites feature any potential malicious pop-ups.

“Site owners can use the Abusive Experiences Report in their Google Search Console to see if their site contains any of these abusive experiences that need to be corrected or removed,” Vivek Sekhar, product manager said in a post. “Site owners will have a 30 day window to fix experiences flagged by the Report before Chrome removes ads.”

Chrome 71 follows the launch of  Chrome 70 in October.  In addition to 23 security fixes, Chrome 70 also included a new feature that gave users a panel so they could have more control over how browsers behave when they log into their Google accounts.

LEAVE A REPLY

Please enter your comment!
Please enter your name here