The Chrome 79 update closes three security holes, one of which Google rates the risk as “high”. Version 80 is also coming soon.
Chrome 79 security update
Google is currently rolling out a security update for Chrome 79, like the developers on the Chrome release blog write, With version 79.0.3945.117 3 vulnerabilities are patched. For one of them (CVE-2020-6377) Google rates the security risk as “high”. at CVE-2020-6377 the issue is that use after free audio recording in Google Chrome (before version 79.0.3945.117) could allow an attacker to exploit heap corruption via a designed HTML page. According to the blog entry, the update will be rolled out in the next few days and is available for Windows, Mac and Linux.
Version 80 with a more discrete authorization interface
With the upcoming update to Chrome 80, Google wants to change the notifications for permissions, as in Chromium blog (English) means. Notifications often annoy users because if small dialog boxes are repeatedly displayed while surfing on websites, this can be disruptive and thus worsen the user experience. The new user interface can be activated according to the blog entry.
The authorization request should bother a user less in the future
The more discreet interface is also automatically activated for users under two conditions. First, for users who normally block notification authorization requests. Second, on websites with very low opt-in rates.
Chrome 80 will be available for both desktop and mobile versions.
According to the blog entry, Google also plans to take action against abusive websites that use web notifications for advertising, malware or fraudulent purposes in the course of 2020.