Google Chrome 118 is a massive security update
Chromeusers may check the installed version by loading chrome://settings/help in the browser’s address bar. Selecting Menu > Help > About Google Chrome opens the same page. Chrome lists its version on the page and it runs a check for updates. The new update should be picked up at that point and installed. A restart of the browser is required to complete the process.
The following versions are the latest at the time of writing:
Chrome for Mac and Linux: 118.0.5993.70
Chromefor Windows: 118.0.5993.70 and 118.0.5993.71
Chrome Extended for Mac: 118.0.5993.70
Chrome Extendedfor Windows: 118.0.5993.71
Chromefor Android : 118.0.5993.65
The main issue is CVE-2023-5218. It is a critical security issue, an use after free in Site Isolation. The remaining publicly disclosed vulnerabilities have a severity rating of medium or low. They address additional use after free and heap buffer overflow issues, as well as "inappropriate implementations".
Chrome 118 is the firststable version of Google ‘s web browser with Encrypted Client Hello support. Google introduced support in Chrome Canary back in 2022 and has been working on the feature since.
Without going into too many details, Encrypted Client Helloprotects the domain name from being leaked to network operators when users open sites and services in the browser. It improves privacy as a consequence, as network operators such as the ISP, do not know anymore which sites a user accesses. One effect of this is that DNS -based blocking is no longer working, provided that the site and server in question support the new technology.
Mozillaintroduced support for Encrypted Client Hello in Firefox 118 and most Chromium -based browsers will support the feature soon.
Another security feature gives Googlethe ability to disable extensions remotely that were not installed from the Chrome Web Store . Enhanced Safe Browsing needs to be enabled in Chrome for this to work and Google claims that it will use the feature only to disable malicious extensions. The disabling may happen manually or through automated detection systems according to Google .
Another Enhanced Safe Browsingchange improves the deep scanning functionality. Chrome 118 users may now be prompted to provide the password for an archive file to allow Safe Browsing to analyze it.
Chromeis now also collecting "telemetry information about chrome.tabs API calls made by extensions" if Enhanced Safe Browsing is enabled. The information is analyzed on Google servers to improve the "detection of malicious and policy violating extensions".
Chromeusers should update the browser immediately to protect it from attacks that target the patched vulnerabilities. Google plans to release all future Chrome releases a week early , starting with Chrome 119 .
Summary Article Name Google Chrome 118 is a massive security update Description Google Chrome
118is now available. The new version of Google ‘s web browser addresses 20 security issues and makes other changes. Author Martin Brinkmann Publisher Ghacks Technology News Logo