Image for article titled Everything New in Chrome 104

Photograph: monticello (Shutterstock)

Google’s newest replace, Chrome 104, is right here. Assuming you may have the surprisingly generous system requirements, you may replace your browser at the moment to reap the benefits of its new options and adjustments. The largest UI adjustments are for Chromebook customers operating Chrome OS, however all Chrome customers will profit from the safety patches.

The brand new Chrome replace comes with 27 safety patches

Crucial purpose to replace Google Chrome is to put in the 27 safety patches it comes with. To be clear, the safety state of affairs isn’t dire: According to Google’s Chrome Releases blog, not one of the 27 vulnerabilities patched with Chrome 104 are “zero-day,” that means there’s no proof the vulnerabilities have been exploited by malicious customers within the wild. Should you’re operating Chrome 103 at the moment, you aren’t prone to be focused with certainly one of these safety flaws. That stated, these 27 vulnerabilities are actually identified to the general public and it’s solely a matter of time earlier than unhealthy actors uncover use them towards customers who don’t have Chrome 104.

As well as, seven of those flaws are rated as “Excessive,” that means they’re extra of a risk than others. Right here is the entire record, with the “Excessive” vulnerabilities listed on the prime:

  • [$15000][1325699] Excessive CVE-2022-2603: Use after free in Omnibox. Reported by Nameless on 2022-05-16
  • [$10000][1335316] Excessive CVE-2022-2604: Use after free in Protected Looking. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-10
  • [$7000][1338470] Excessive CVE-2022-2605: Out of bounds learn in Daybreak. Reported by Looben Yang on 2022-06-22
  • [$5000][1330489] Excessive CVE-2022-2606: Use after free in Managed gadgets API. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-05-31
  • [$3000][1286203] Excessive CVE-2022-2607: Use after free in Tab Strip. Reported by @ginggilBesel on 2022-01-11
  • [$3000][1330775] Excessive CVE-2022-2608: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-06-01
  • [$TBD][1338560] Excessive CVE-2022-2609: Use after free in Close by Share. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Analysis Institute on 2022-06-22
  • [$8000][1278255] Medium CVE-2022-2610: Inadequate coverage enforcement in Background Fetch. Reported by Maurice Dauer on 2021-12-09
  • [$5000][1320538] Medium CVE-2022-2611: Inappropriate implementation in Fullscreen API. Reported by Irvan Kurniawan (sourc7) on 2022-04-28
  • [$5000][1321350] Medium CVE-2022-2612: Facet-channel info leakage in Keyboard enter. Reported by Erik Kraft (erik.kraft5@gmx.at), Martin Schwarzl (martin.schwarzl@iaik.tugraz.at) on 2022-04-30
  • [$5000][1325256] Medium CVE-2022-2613: Use after free in Enter. Reported by Piotr Tworek (Vewd) on 2022-05-13
  • [$5000][1341907] Medium CVE-2022-2614: Use after free in Signal-In Stream. Reported by raven at KunLun lab on 2022-07-05
  • [$4000][1268580] Medium CVE-2022-2615: Inadequate coverage enforcement in Cookies. Reported by Maurice Dauer on 2021-11-10
  • [$3000][1302159] Medium CVE-2022-2616: Inappropriate implementation in Extensions API. Reported by Alesandro Ortiz on 2022-03-02
  • [$2000][1292451] Medium CVE-2022-2617: Use after free in Extensions API. Reported by @ginggilBesel on 2022-01-31
  • [$2000][1308422] Medium CVE-2022-2618: Inadequate validation of untrusted enter in Internals. Reported by asnine on 2022-03-21
  • [$2000][1332881] Medium CVE-2022-2619: Inadequate validation of untrusted enter in Settings. Reported by Oliver Dunk on 2022-06-04
  • [$2000][1337304] Medium CVE-2022-2620: Use after free in WebUI. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-17
  • [$1000][1323449] Medium CVE-2022-2621: Use after free in Extensions. Reported by Huyna at Viettel Cyber Safety on 2022-05-07
  • [$1000][1332392] Medium CVE-2022-2622: Inadequate validation of untrusted enter in Protected Looking. Reported by Imre Rad (@ImreRad) and @j00sean on 2022-06-03
  • [$1000][1337798] Medium CVE-2022-2623: Use after free in Offline. Reported by raven at KunLun lab on 2022-06-20
  • [$TBD][1339745] Medium CVE-2022-2624: Heap buffer overflow in PDF. Reported by YU-CHANG CHEN and CHIH-YEN CHANG, working with DEVCORE Internship Program on 2022-06-27

G/O Media could get a fee

Jachs NY Summer Shorts Sale

70% off

Jachs NY Summer Shorts Sale

Exclusive sale on summer styles

Patterned, plain, twill, and chino, these classic shorts with 7-9″ inseams tell a story—you’re a guy who vacations, maybe on a boat.

It’s not all about the security updates, though, according to How-To Geek. Here’s what else you can expect when upgrading to Chrome 104 (bonus points if you have a Chromebook).

Chrome OS officially supports light and dark mode

Dark mode is any software’s most requested feature, and now it’s available in Chrome OS. With the latest update, Google not only officially supports switching between light and dark mode, but also now lets you switch between them automatically. I use this feature on my devices, so when the sun starts to set, everything pops into dark mode.

A new Start Menu for Chrome OS

Another great feature: Chromebooks now have a Windows-like Start Menu, dubbed the “Productivity Launcher.” It comes complete with a Google Search Bar and a shortcut for the Assistant. Plus, over on the other side of the System Tray, you’ll find the date with a new feature: When you click it, you’ll see a large, useful calendar widget.

Only share a select portion of your screen in video recordings

Anyone who regularly shares their screen will appreciate this update: Web app developers can implement a feature called Region Capture, which allows users now crop an area of your display to record or share, rather than focusing on an entire window or your whole screen. This feature can help assuage fears of over-sharing, giving you control over exactly what portion of your screen others can see.

Of course, it’ll be up to devs to implement Region Capture in their services, so you might not see this feature appear right away. It’s powered by Chrome 104 though.

LazyEmbeds (limited testing)

Google is also testing a feature called LazyEmbeds, which loads embedded content in a website only when it becomes visible on your screen. It’s a spin-off of “lazy loading,” in which browsers load site content only when a user would see it, rather than loading the entire site and its content at once. At this time, only 1% of Chrome users will participate in this testing, so it isn’t a total rollout in version 104.

New developer updates

With each new version of Chrome, Google rolls out new features for developers. You can find a complete list of changes on Google’s DevTools blog and the Chromium Blog, as well as this DevTools 104 video:

How to update Google Chrome

Fortunately, updating Chrome on your computer is easy: Click the three dots in the top right corner of the window, then choose Help > About Google Chrome. Allow Chrome to load for a moment—when the update is ready, you can click “Relaunch,” which will restart your browser with Chrome 104.

Source [source_domain]