Category — Chrome Security

Soon after Google launched the new beta version with translation bar and content security settings, Google System, a popular blog, came out with a cool article “10 Ways to Use Google Chrome’s Content Settings”.

It’s a useful and interesting article explaining how to use chrome’s new content settings to control what and reaches your computer and what not, through Chrome.

They have explained how to block images totally, block images from a particular website, or block cookies from websites etc. Check it out !

Until now, there was no  option for you to let a website load popups, always. All popups were blocked, and you will open those windows manually, from the bottom of the page. With the new Dev Update this week, Google Chrome is adding a “allow pop ups options” to it. You will see this feature very soon on Beta and Stable versions.

Now, here is a visual guide to it, to help you understand this better.  Here is how it looked like before the update.

pop ups on google chrome

Now, after update, this option will looks like this

Some other updates on this Dev release are

Visible changes:

• [r14827] Support PgUp/PgDn in Omnibox for “first entry/last entry.” (Issue: 6857)
• [r15115] Tell the user if Chrome is not the default browser. (Issue: 9049)
• [r15702] You can choose to allow pop-ups from a site. (Issue: 11440)

Other changes of note:

• [r14891] Fix for crashing when zoomed into street level on maps.yahoo.com (Issue: 2044)
• [r14731] Patch from Mohamed Mansour for systems without an installed printer. (Issue: 6835)
• [r15020] Stop the location bar from flashing white when navigating from one HTTPS site to another. (Issue: 11157)
• [r15214] Fix for common issues around opening a new window. (Issues: 6377, 6192, 835)
• Lots of work around Extensions.  (See r15417, r15271, r15310)

Google has identified  a major security risk to the browser and also added a security update for the browser. Here is more info from Google Chrome’s blog

More info: http://code.google.com/p/chromium/issues/detail?id=10869

Severity: Critical. An attacker might be able to run code with the privileges of the logged on user.

Chrome Security

A security issue was reported on Google Chrome, which could be used for “cross-website scripting attacks”. No worries, Google has already has a new version of Chrome which fixes this issue. Here is another happy news, you don’t need to update chrome, Google Chrome will automatically update to the new version, you just need to restart it to take effect.

Here is more on the security issue.

In a blog posting, Mark Larson, Google Chrome program manager, wrote:

“An error in handling URLs with a chromehtml: protocol could allow an attacker to run scripts of his choosing on any page or enumerate files on the local disk under certain conditions.”

“If a user has Google Chrome installed, visiting an attacker-controlled web page in Internet Explorer could have caused Google Chrome to launch, open multiple tabs, and load scripts that run after navigating to a URL of the attacker’s choice. Such an attack only works if Chrome is not already running.”

Now, just double check to make sure that your Google Chrome installation is up to date, and feel safe ! If you do not know how to check if Google Chrome version is up to date, here is ChromeStory’s post on this. Questions ? Drop me a comment !!

News Source