Google Chrome has announced the promotion of the Chrome 66 browser to the stable channel for Windows, Mac, and Linux. The newly promoted Chrome 66 will be rolled out over the upcoming days or weeks. Some of the new major features include media autoplay changes and the ability to export passwords and several security fixes.
The new version of Chrome 66.0.3359.117 contains a huge list of changes or rather fixes and improvements. The changes that are to be found in the new browser are included in a list available in the log section. Google has announced that they have made huge improvements and provided a list that includes 62 security fixes. One of the major changes is that they have stopped the auto-play feature in the media section. Now, when the users open any YouTube links in a new tab, the video that was playing previously will not play.
Google has been working on improving the control over audio in its browser. It will stop the unexpected media playback in the background of tabs. The ability to export passwords improved the security section of the new browser. Clicking on the options meant for this, the users are asked to input their computer passwords and after the authorization is complete, the passwords that are saved in Google Chrome will be exported as a CSV file.
Google Chrome 66 includes a small percentage of the trial of Site Isolation so that they can prepare for a broader upcoming launch. Site Isolation will improve the security of Chrome, and Google has said that it should mitigate the risks posed by side-channel attack techniques such as Spectre. Because this is still on a trial run, Google urged its users to use chrome://flags#site-isolation-trial-opt-out if there is an issue caused by Site Isolation and to report the issue before Site Isolation is launched more broadly.
Chrome 66 has also implemented the CSS Typed Object Model (OM) Level 1, which “reduces this burden on both the developer and browser by exposing CSS values as typed JavaScript objects rather than strings.” And the new asynchronous clipboard will provide a “promised-based means of reading and writing to the clipboard.”
It should be mentioned that Chrome 66 will not trust website certificates that were issued before 1st June 2016 by PKI. Full access to bug details and links is still kept secret until a majority of users are updated with a fix. Many of the fixes to Google was contributed by external researchers. Many of their security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.