Chrome Browser 76 version released for Windows, Mac and Linux.
Chrome 76.0.3809.87 contains a number of fixes and improvements.
Chrome 76 update includes 43 security fixes.
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
Security Fixes and Rewards
Following lists are CVE ID fixes that were contributed by security researchers.
- [$10000][977462] High CVE-2019-5850: Use-after-free in offline page fetcher. Reported by Brendon Tiszka on 2019-06-21
- [$6000][956947] High CVE-2019-5860: Use-after-free in PDFium. Reported by Anonymous on 2019-04-26
- [$3000][976627] High CVE-2019-5853: Memory corruption in regexp length check. Reported by yngwei(@yngweijw) of IIE Varas and sakura(@eternalsakura13) of Tecent Xuanwu Lab on 2019-06-19
- [$3000][977107] High CVE-2019-5851: Use-after-poison in offline audio context. Reported by Zhe JinLuyao Liu from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2019-06-20
- [$TBD][959438] High CVE-2019-5859: res: URIs can load alternative browsers. Reported by James Lee (@Windowsrcer) of Kryptos Logic on 2019-05-03
- [$5000][964245] Medium CVE-2019-5856: Insufficient checks on filesystem: URI permissions. Reported by Yongke Wang of Tencent’s Xuanwu Lab (xlab.tencent.com) on 2019-05-17
- [$N/A][943494] Medium CVE-2019-5863: Use-after-free in WebUSB on Windows. Reported by Yuxiang Li (@Xbalien29) of Tencent Security Platform Department on 2019-03-19
- [$N/A][964872] Medium CVE-2019-5855: Integer overflow in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2019-05-20
- [$TBD][973103] Medium CVE-2019-5865: Site isolation bypass from compromised renderer. Reported by Ivan Fratric of Google Project Zero on 2019-06-11
- [$500][960209] Low CVE-2019-5858: Insufficient filtering of Open URL service parameters. Reported by evi1m0 of Bilibili Security Team on 2019-05-07
- [$500][936900] Low CVE-2019-5864: Insufficient port filtering in CORS for extensions. Reported by Devin Grindle on 2019-02-28
- [$TBD][946260] Low CVE-2019-5862: AppCache not robust to compromised renderers. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-03-26
- [$TBD][951525] Low CVE-2019-5861: Click location incorrectly checked. Reported by Robin Linus ( robinlinus.com ) on 2019-04-10
- [$N/A][961237] Low CVE-2019-5857: Comparison of -0 and null yields crash. Reported by cloudfuzzer on 2019-05-09
- [$N/A][966263] Low CVE-2019-5854: Integer overflow in PDFium text rendering. Reported by Zhen Zhou of NSFOCUS Security Team on 2019-05-23
- [$TBD][976713] Low CVE-2019-5852: Object leak of utility functions. Reported by David Erceg on 2019-06-19
Google thanks to all security researchers that worked during the development cycle to prevent security bugs from ever reaching the stable channel.
Also Read- Browser Security
As usual, Google chrome developers are ongoing internal security work was responsible for a wide range of fixes:
- [988889] Various fixes from internal audits, fuzzing and other initiatives
How to Update?
To update Chrome Browser 76 Version, Go to Settings – Help – About Google chrome.
It will check automatically for new update and install.
Whats New in Chrome 76
In Chrome 76, Google added new supports for:
- prefers-color-scheme media query, bringing dark mode to websites.
- An install button in the omnibox to make installation of Progressive Web Apps on desktop easier.
- Preventing the mini-infobar from appearing on Progressive Web Apps on mobile.
Faster updates to WebAPKs
When a Progressive Web App is installed on Android, Chrome automatically requests and installs a Web APK. After it’s been installed, Chrome periodically checks if the web app manifest has changed, maybe you’ve updated the icons, colors, or changed the app name, to see if a new WebAPK is required.
Starting in Chrome 76, Chrome will check the manifest more frequently; checking every day, instead of every three days. If any of the key properties have changed, Chrome will request and install a new WebAPK, ensuring the title, icons and other properties are up to date.
Dark mode Support
Many operating systems now support a dark mode, or dark theme.
The prefers-color-scheme media query, allows you to adjust the look and feel of your site to match the user’s preferred mode.
