What’s in the latest Chrome update? A baked-in hacked-password alarm

Google this week launched Chrome 79, touting the browser’s warnings when a site password may have been divulged and patching 51 vulnerabilities.

The California company paid $80,000 in bug bounties to researchers who reported some of the vulnerabilities. Two were ranked “Critical,” Google’s top-most rating, and eight were tagged “High,” the next level down in the four-step ordering. One report of a critical vulnerability was submitted by engineers at Tencent Keen Security Lab, a subsidiary of People’s Republic of China-based Tencent; Google awarded the researchers $20,000. The other bug alert? That one came from inside the house, reported by Sergei Glazunov of Google Project Zero.

Chrome updates in the background, so most users can just relaunch the browser to finish the upgrade to the latest version. To manually update, select “About Google Chrome” from the Help menu under the vertical ellipsis at the upper right; the resulting tab shows that the browser has been updated or displays the download process before presenting a “Relaunch” button. Those who are new to Chrome can download the latest for Windows, macOS and Linux here.

Google updates Chrome every six to eight weeks. It last upgraded the browser Oct. 22.

Your password is kaput!

Google baked the functionality of its web-based Password Checker into Chrome 79 so that when the feature is enabled, the browser will alert its user if an entered password has been revealed by a prior data breach.

The online service, which examined the username-password combinations stored in Chrome’s password manager and reported back the authentication pairings that have been exposed in publicly-known data breaches, went live in early October. (The web service remains available.)

Leave a Reply

Your email address will not be published. Required fields are marked *