Google has recently released a new version of Google Chrome browser on all supported platforms, and needless to say, everybody is recommended to update as soon as possible.
The new Google Chrome 90 obviously comes with substantial security improvements, and the Mountain View-based search giant explains that this update addresses a total of 37 security flaws that have been reported by various researchers and rewarded according to its bug bounty program.
For example, a user after free vulnerability in permissions was reported by Gengming Liu, Jianyu Chen at Tencent Keen Security Lab back in late 2019, but it’s only now getting a fix. The security researchers have been awarded $20,000 for their submissions.
Researcher David Erceg, who reported a use after free bug in the extensions module in March this year, has also received a $10,000 reward for the vulnerability rated with a high severity label.
Chrome now defaulting to HTTPS
As far as the new features are concerned, Google Chrome 90 is the first version of the browser that defaults to HTTPS when no protocol is defined.
In other words, whenever you’re trying to load a website, Chrome automatically tries to load the HTTPS version by default. If HTTPS is not found, it can still load HTTP, but obviously, this isn’t a recommended option given the security implications.
At the same time, Google Chrome 90 also completes the rollout of tab search, so this feature is now available for all devices, and blocks access to port 554, a move which the search giant says it embraces specifically to block NAT Slipstream 2.0 attacks.
And last but not least, Chrome 90 comes with an AV1 encoder built-in which is specifically optimized for video conferencing and offers better compression efficiency, video on load bandwidth, and improved screen sharing efficiency.