Google Chrome 94 is out with security fixes, a 4-week release cycle, and Extended Stable channel

Martin Brinkmann
Sep 22, 2021
Google Chrome
|
24

Google Chrome 94 is available. The new version of Google Chrome fixes security issues and the first version of the browser that is released in the new 4-week release cycle. Previously, Chrome Stable was released every 6-weeks, but Google announced in March 2021 that it would switch to a faster release cycle. Enterprise customers may switch to the Extended Stable channel to get new stable updates every 8 weeks, but security updates more frequently.

The Extended Stable channel is available for Windows and Mac devices only. Enterprise users find information about the new channel and how to switch to it on this Google Chrome Enterprise Help page. Basically, what needs to be done is set the TargetChannel policy to Extended. Google recommends that customers use the roll back to target policy to go back to the previous version of Chrome when the switch to the Extended Stable channel is made.

Chrome 94 release information

google chrome 94

Google Chrome 94 is a security release first and foremost for the stable channel. Google reveals that 19 different security issues were fixed in the new version, several of which rated as high, the second-highest rating after critical.

Google Chrome is being rolled out over time to all devices that support automatic updates. Admins may speed up the process on desktop systems by loading chrome://settings/help. The page displays the current version of Chrome and runs a query for updates. The new update should be picked up automatically by the browser.

Security-wise, Chrome 94 is blocking requests to private networks from insecure public websites.

The aim is to protect users from cross-site request forgery (CSRF) attacks targeting routers and other devices on private networks. These attacks have affected hundreds of thousands of users, allowing attackers to redirect them to malicious servers.

Google plans to run a deprecation trial until Chrome 102 to give companies and developers enough time to make necessary changes to sites.

Chrome 94 is the first version of the browser that supports HTTPS-First mode officially. It is available in Chrome for desktop systems and for Android. Chrome tries to upgrade page loads to HTTPS and will display a warning message to users if the connection can't be upgraded.

HTTPS-Only Mode is not enabled by default. Users find it on chrome://settings/security as "Always use secure connections". If the feature is not yet available, set chrome://flags/#https-only-mode-setting to Enabled and restart Chrome to display it.

chrome always use secure connections

Another new feature that appears to be on the roll-out in Chrome 94 is the new desktop sharing hub feature. It adds an icon to the Chrome omnibar that displays share options in a single menu.

Just select the icon and pick one of the available options: Copy link, QR Code sharing, Cast, or Save Page as. Options to share the link to Facebook, Twitter, Reddit, LinkedIn and Pinterest are provided as well in the menu.

chrome share hub

If the share hub icon is not yet available, load chrome://flags/#sharing-hub-desktop-omnibox and set the flag to Enabled. It is displayed after the restart of the web browser. Another experimental preference adds it to the main menu of the browser instead. Set chrome://flags/#sharing-hub-desktop-app-menu to enabled to activate it.

Chrome 94 for Web Developers

Chrome 94 introduces new features and improvements for web developers. The WebCodecs API is now available in the browser by default. It "eliminates [..] deficiencies by giving programmers a way to use media components that are already present in the browser" according to Google.

WebGPU, the successor to the WebGL and WebGL2 graphics API is available as an origin trial in Chrome 94. Google plans to include it in Chrome 99 by default.

The Developer Tools include the following improvements:

  • Use DevTools in your preferred language
  • New Nest Hub devices in the Device list
  • Origin trials in the Frame details view
  • New CSS container queries badge
  • New checkbox to invert the network filters
  • Upcoming deprecation of the Console sidebar
  • Display raw Set-Cookie headers in the Issues tab and Network panel
  • Consistent display native accessors as own properties in the Console
  • Proper error stack traces for inline scripts with #sourceURL
  • Change color format in the Computed pane
  • Replace custom tooltips with native HTML tooltips
  • [Experimental] Hide issues in the Issues tab

Google removed or deprecated the following features:

  • Deprecate and Remove WebSQL in Third-Party Contexts
  • Restrict Private Network Requests for Subresources to Secure Contexts

Now You: have you updated to Chrome 94? What is your impression?

Summary
Google Chrome 94 is out with security fixes, a 4-week release cycle, and Extended Stable channel
Article Name
Google Chrome 94 is out with security fixes, a 4-week release cycle, and Extended Stable channel
Description
Google Chrome 94 Stable is the first version of Chrome of the new 4-week release cycle. It introduces Auto-HTTPS functionality and includes security updates.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Michaela said on September 23, 2021 at 10:50 am
    Reply

    I stopped using Google Chrome from version 86.0 never back.

  2. chesscanoe said on September 22, 2021 at 11:21 pm
    Reply

    I am surprised so many common sites are https these days, but links they point to are just http. I hope such sites will put pressure on URLs they reference to “get with the program”.

  3. Tom said on September 22, 2021 at 10:26 pm
    Reply

    Cannot wait for HTTP-Only Mode to be enabled by default!

  4. ChromeFan said on September 22, 2021 at 1:07 pm
    Reply

    Google has blessed us with a new release of Chrome. The best browser just gets better.

    Of course I have upgraded from Chrome 93 to 94. WOW, is all I can say.

    So many features, not only is it providing a perfect browsing experience, it also is providing perfect privacy options to keep the user protected at all times.

    What a time to be alive.

  5. chesscanoe said on September 22, 2021 at 12:42 pm
    Reply

    My gateway/router box is set for Quad9 DNS 9.9.9.9. I assume with Chrome 94, it is correct to specify Use secure DNS with your provider rather than Custom, which has no predefined Quad9 choice.

    1. Martin Brinkmann said on September 22, 2021 at 1:12 pm
      Reply

      Yes, that is correct. You can also add a custom provider, but need a special URL for that.

  6. Ironmectin said on September 22, 2021 at 7:09 am
    Reply

    Its still a pig, without lipstick. At least Brave tries to pretty itself

    1. Iron Heart said on September 22, 2021 at 11:41 am
      Reply

      And people are calling me a troll when I put this guy in his place. Unbelievable. gHacks is done.

      1. AmanoJyaku said on September 23, 2021 at 9:41 pm
        Reply

        You are a true hero Iron Heart! The best person on gHacks! You’re too good for us, we’re holding you back! Leave this backwards little forum behind, go find your stage where you can be a be star!

      2. Iron Heart said on September 24, 2021 at 4:10 pm
        Reply

        @AmanoJyako

        Yet another one who ignores that I am dealing with a clear cut troll because he hates me, somehow managing to shift the blame to me. How creative. Has never been done before.

      3. AmanoJyaku said on September 28, 2021 at 2:57 am
        Reply

        @ Iron Heart

        You are a true victim, my friend! These trolls are too good for you! Stop feeding them BS and they will “magically disappear into thin air”

      4. Iron Heart said on September 28, 2021 at 1:40 pm
        Reply

        @AmanoJyaku

        > magically disappear into thin air

        Just do it then. My replies are more factual than most here, I am not feeding anyone BS, and I am therefore not a troll. I am also not victim playing, you absolute moron. Anyone who is not 100% biased against me and / or blind can see that people are trolling me here, my own feelings regarding that notwithstanding.

    2. Iron Heart said on September 22, 2021 at 11:28 am
      Reply

      You should cease trying to climb trees, for you seem to be running against them, head first, if your posts are anything to go buy.

      Also, in your head, totally rent free.

      1. :-) said on September 22, 2021 at 5:33 pm
        Reply

        Says the dude who has Mozilla living rent free in his head.

      2. karl said on September 23, 2021 at 7:33 pm
        Reply

        not just a pig, but security has to be concern now. i see a plethora of use-after-free bugs again, to go with the eight highest rating severe CVEs used in the wild already patched this year

      3. Iron Heart said on September 24, 2021 at 4:08 pm
        Reply

        @karl

        Are you aware of the fact that Firefox fixes high severity bugs every month as well? 8 CVEs classified as extremely severe this year so far is not bad for a software with the complexity of an operating system. In fact, it is expected.

        Also, thanks for the shoutout re. Firefox vs. Chromium security: https://madaidans-insecurities.github.io/firefox-chromium.html

      4. karl said on September 24, 2021 at 11:08 pm
        Reply

        > 8 CVEs classified as extremely severe this year so far is not bad

        are you smarter than a 3rd grader? can you read?

        that is only a fraction: the count of 8 refers to in-the-wild highest-rating-severe CVEs that are use-after-free

        the actual number of severe CVEs, and use-after-free CVEs are much much higher

        iron heart caught lying yet again

      5. Iron Heart said on September 27, 2021 at 9:37 am
        Reply

        @karl

        > are you smarter than a 3rd grader? can you read?

        > that is only a fraction: the count of 8 refers to in-the-wild highest-rating-severe CVEs that are use-after-free

        I repeat: “8 CVEs classified as EXTREMELY SEVERE(!!!!!!!!!!!) this year so far is not bad for a software with the complexity of an operating system.” I know that there are more security issues. Other browsers also have more security issues apart from their most severe ones. Big surprise right there.

        > iron heart caught lying yet again

        Rather, you were caught being a dumbass again.

      6. karl said on September 28, 2021 at 2:55 am
        Reply

        your alternate reality and facts are disturbing

        “8 CVEs classified as severe that were in-the-wild and that are use-after-free”
        “8 CVEs classified as severe”

        these are not the same and you are lying, the number in your description is much higher

      7. Iron Heart said on September 28, 2021 at 1:34 pm
        Reply

        @karl

        Accusing me of lying again on the most flimsy grounds imaginable. “Whaaaa you didn’t word it the exact same, I no longer understand what you meant you liar whaaaaa…” Like, dude, give it a rest – I am sure the majority here understands my comments correctly. You can willfully misunderstand anyone if you really are dead set on it. No point in discussing this with a hater looking for a fight.

      8. gunter said on September 22, 2021 at 11:58 pm
        Reply

        Just wow. Someone expressed their opinion, and Iron Heart took it to heart and plays the victim yet again, and then claims to have “put this guy in his place”. This is obsessive, delusional behavior and indicates someone needs help. Do we need to hold an intervention?

      9. Iron Heart said on September 23, 2021 at 9:21 am
        Reply

        @gunter

        All your railing against me doesn’t change the fact that this guy is a troll. Even the nickname is straight from the troll cave.

        Seems like you are the delusional one.

      10. gunter said on September 24, 2021 at 6:58 am
        Reply

        I’m not railing at you, I’m trying to help you. Have you ever considered not trying to save the entire internet every day?

      11. Iron Heart said on September 22, 2021 at 5:51 pm
        Reply

        @ :-)

        At least I am not without an argument. :-D

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.