H-Security: Version 17 of Chrome has been released into the WebKit-based browser’s Beta channel. Its developers say that the new Chrome beta, version 17.0.963.26, is focused on improving two of the browser’s core principles: speed and security.
To make Chrome “go even faster”, some web pages will start loading in the background before a user has even finished typing a URL into the Omnibox address and search bar. To reduce the time between a user pressing enter and the page being fully loaded, Chrome will pre-render some pages if the URL auto-completes to a site a user is likely to visit. According to Google Software Engineer Dominic Hamon, this will, in some cases, cause pages to appear “instantly”.
With version 17, Chrome’s Safe Browsing technology has been extended to protect against malicious downloads by analysing executable files, including Windows .exe and .msi files. So, if a user visits a web site and is tricked into downloading, for example, a fake anti-virus product, Chrome will issue a warning if the file appears to be malicious and will advise the user to discard it. Further details about Chrome 17.0.963.26, which is available to download from dev.chromium.org, can be found in a post on the Google Chrome Blog.
The Chrome Team at Google has also updated the browser’s Stable channel to version 16.0.912.75, closing three high risk security holes. These include a use-after-free in animation frames, a heap-buffer-overflow in the libxml software library, and a stack-buffer-overflow in glyph handling.
As part of its Chromium Security Rewards programme, Google paid security researchers a total of $2,000 for discovering and reporting the holes. As usual, further details of the vulnerabilities are being withheld until “a majority of users are up-to-date with the fix”. Chrome 16.0.912.75 is available to download from google.com/chrome; alternatively, users who currently have Chrome installed can use the built-in update function.