Google Chrome 99 is out with 28 security fixes

Martin Brinkmann
Mar 2, 2022
Google Chrome
|
34

Google released Google Chrome 99 Stable and Extended Stable on March 1, 2022 to the public. Both browser versions address 28 different security issues in previous versions of the web browser.

google chrome 99

Chrome 99 is already available but the rollout will take weeks to complete. Chrome users who want to update their browser early can do so on desktop versions by selecting Menu > Help > About Google Chrome or by loading chrome://settings/help directly.

Note: if Chrome is not finding the update when you are loading the page, you may download the latest version of Chrome from Google to update it.

The official release notes reveal little about the changes in Chrome 99. While you can take a look at the log file, it is not advised to do so unless you have hours to spend.

The release notes mention 28 different security issues that are patched in Chrome 99.  The highest severity rating is high, the second-highest after critical.

Google publishes the list of externally reported issues only on the blog. None of the vulnerabilities appear to be exploited actively, as Google mentions this usually.

The company's platform status page lists 15 changes that are tracked for version 99, but the list is developer-centric.  One change, Convert adoptedStyleSheets to use ObservableArray, appears to be controversial as Apple won't implement the change in Safari at this time. Google notes that Mozilla and Microsoft will ship the implementation as well.

Chromium is the only shipped implementation of adoptedStyleSheets. Gecko would like to ship this feature, but has been waiting for the resolution of this issue (FrozenArray vs. ObservableArray) to ship their implementation. This should unblock Gecko [1]. The Edge team supports this change [2]. WebKit continues to be skeptical [3] of this usefulness of this feature, despite the general agreement of the rest of the web components community [4], and the support of the developer community [5][6][7]. So the interop risk is mainly that WebKit decides not to implement this feature.

The remaining changes affect:

  • "paintworklet" destination for PaintWorklet
  • Allow infinity, -infinity and NaN in CSS calc()
  • Autofill in ShadowDOM
  • CSS cascade layers
  • HTMLInputElement showPicker()
  • Handwriting Recognition API
  • Intl Enumeration API
  • Intl Locale Info in ECMA402
  • New Canvas 2D API
  • Origin Private File System extension: AccessHandle
  • Remove font-family -webkit-standard
  • Replace GamepadList with sequence<Gamepad?> for navigator.getGamepads() return value
  • Unprefixed text-emphasis properties
  • Window Controls Overlay for Installed Desktop Web Apps

Closing Words

Most of these changes will find their way into all other Chromium-based browsers, including Microsoft Edge, Vivaldi, Brave and Opera.

Now You: when do you update your browsers?

Summary
Google Chrome 99 is out with 28 security fixes
Article Name
Google Chrome 99 is out with 28 security fixes
Description
Google released Google Chrome 99 Stable and Extended Stable on March 1, 2022 to the public. Both browser versions address 28 different security issues in previous versions of the web browser.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. SEARCH said on March 3, 2022 at 5:38 pm
    Reply

    How do I remove “search picture with Google lens” from the context menu? It’s terrible garbage. I want the normal google picture search back. If it’s not possible, I will stop using Google Chrome.

    1. computer said no said on March 4, 2022 at 10:30 am
      Reply

      @SEARCH

      it can be disabled in chrome://flags.

      1. Anonymous said on March 9, 2022 at 7:53 pm
        Reply

        @computer said no
        Yeah. It’s still disabled from before, but it’s back in the context menu and search google for image is long gone.

      2. SEARCH said on March 4, 2022 at 11:49 am
        Reply

        @computer said no

        No it can’t. Apparently it was possible before, but not anymore.

    2. SEARCH said on March 4, 2022 at 7:15 am
      Reply

      No. I will not install an extension to do that. I will uninstall Google Chrome from our companys computers.

  2. redwolfe said on March 3, 2022 at 5:09 pm
    Reply

    thank you, martin, for the articles. if i want to know what is new with chrome, or with firefox, ghacks is the place to come.

  3. chesscanoe said on March 3, 2022 at 3:49 pm
    Reply

    Finally Chrome could be manually updated to Version 99.0.4844.51 (Official Build) (64-bit) for me.

    1. chesscanoe said on March 6, 2022 at 5:05 am
      Reply

      It appears my inability to upgrade to Chrome 99 was caused by a trojan https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=Trojan%3aHTML%2fCryptoStealBTC&threatid=2147811035 , and was fixed by running Windows Defender (aka Security) Full Scan. However a subsequent Windows Defender Virus definition update said the solution was incomplete and Microsoft Safety Scanner should be run using http://www.microsoft.com/security/scanner/ Full Scan, which namelessly identified 22 files.All seems good at this time.

  4. ULBoom said on March 3, 2022 at 3:03 pm
    Reply

    Best way to secure a browser is to block it both ways in your firewall.

    They keep building their villages at the base of the volcano. Why? Why?

  5. Anonymous said on March 3, 2022 at 1:50 pm
    Reply

    Chromium is getting faster, more stable, more optimized, more secure, but privacy is either “on-by-default” or “bad practices”, so the more up to date the browser is, the better

  6. Taomyn said on March 3, 2022 at 9:18 am
    Reply

    Agreed. No-one should be using Chrome anyway, even Edge is better but for me Brave is the best Chromium based browser – they too have updated to v99

    1. John G. said on March 3, 2022 at 6:01 pm
      Reply

      After browsing really hard spending hours and hours on the web due to my studies since 2015, the only browser that have never failed for me is Chrome. No single problem ever. Thanks @Martin! :]

    2. Taomyn said on March 3, 2022 at 9:19 am
      Reply

      This should have been a reply to ShampooNiHAO not sure why it wasn’t because I hit the “Reply” next to their post.

  7. Trey said on March 3, 2022 at 6:35 am
    Reply

    A browser facing and interacting with the internet is about as complex as it gets. It’s a jungle out there. Be glad that vulnerabilities are being discovered and closed.

  8. ShampooNiHAO said on March 2, 2022 at 11:14 pm
    Reply

    Even if you never report almost anything about Brave, I still added ghacks feed because yesterday Brave update added “custom RSS support to Brave News”

    So, just using https://www.ghacks.net/feed/ is enough to get your updates. It sucks you barely report on anything Brave does unless it is not about the browser or anything.

  9. computer said no said on March 2, 2022 at 7:52 pm
    Reply

    There code seems so full of holes…every update it is 20+ fixes.
    zero days and exploits left right and centre.

    Secure browser.?
    Even with this update it is still vilnerable because more fixes will follow in 6 weeks.

    Seems google chrome is perpetually vulnerable.

    1. zerodays said on March 3, 2022 at 1:40 pm
      Reply

      chromium is literally the new adobe

      1. patchday said on March 3, 2022 at 4:46 pm
        Reply

        every day is patch day for chromium, it has become a security joke, even adobe is laughing

      2. Iron Heart said on March 4, 2022 at 9:13 am
        Reply

        @patchday

        Try finding a more secure browser then. Good luck, hehe.

      3. Iron Heart said on March 3, 2022 at 2:47 pm
        Reply

        @zerodays

        There is no browser that is any more secure. Safari has comparable issues and Firefox is even worse.

    2. Dumbledalf said on March 2, 2022 at 10:48 pm
      Reply

      Like all browsers.

      But I think that’s because the majority of the population uses Blink so more bugs are discovered, other niche engines like WebKit or Gecko that amount less than 5% of userbase don’t have so much bugs reported or fixed simply because there aren’t enough people to discover them in the first place.

      1. dumb010 said on March 3, 2022 at 10:30 am
        Reply

        So which one is a more secure software? One that is constantly hacked, patched, and hacked again, or one that is really safe to use with no known or unknown holes in it??

      2. Iron Heart said on March 3, 2022 at 10:59 am
        Reply

        @dumb010

        > one that is really safe to use with no known or unknown holes in it

        And which browser would that be? I am most curious…

  10. Yash said on March 2, 2022 at 6:37 pm
    Reply

    When do you update your browsers?

    Few days after major version release, usually when browsers get another minor update.

  11. roger said on March 2, 2022 at 1:23 pm
    Reply
    1. Dumbledalf said on March 2, 2022 at 10:46 pm
      Reply

      You don’t have much choice:

      – the outdated WebKit
      – the outdated Gecko

      I would rather stop using the internet if I had to rely on those.

      Recently I read about a brand new rendering engine called Flow:

      https://en.wikipedia.org/wiki/Flow_(web_browser)

      Maybe in the future that will be a competitor to Blink, but other than that, Blink is currently the best engine for browsers.

      1. Anonymous said on March 3, 2022 at 12:28 pm
        Reply

        >I would rather stop using the internet if I had to rely on those.

        You are the coward who instead of standing their ground to protect their people and land instead runs when their nation is attacked. You are part of the tide of which people doing real work must fight against so your opinions are of no value.

      2. ShintoPlasm said on March 3, 2022 at 12:27 pm
        Reply

        Why do you call WebKit outdated? It’s being actively developed by Apple, no?

      3. Bobby Phoenix said on March 3, 2022 at 8:03 pm
        Reply

        Yes. Apple is still developing Safari and WebKit. And Gecko (the old outdated version) is only used by Palemoon I believe. Firefox, and forks of Firefox, use the one in development that is called Quantum/WebRender.

      4. Iron Heart said on March 4, 2022 at 10:44 am
        Reply

        @Booby Phoenix

        “Quantum” is rebranded Gecko, not a new project.

    2. Iron Heart said on March 2, 2022 at 6:13 pm
      Reply

      @roger

      Dude, how stupid do you think gHacks readers are? The most used browser is also the the most attacked / scrutinized one –> Many issues will be found, certainly more than for browsers almost nobody uses.

      Meaning: Counting security issues without keeping in mind factors like overall popularity is for cretins!

      Oh and as for Firefox: https://madaidans-insecurities.github.io/firefox-chromium.html Enough said.

      1. triggered said on March 3, 2022 at 12:49 am
        Reply

        >”How stupid do you think gHacks readers are?”
        >Post the same scam article once again

        Self aware.

      2. Iron Heart said on March 3, 2022 at 11:02 am
        Reply

        @triggered

        It is you who is triggered, buddy, when you call a factual article a “scam” just because you are woefully unable to refute any of it. Just saying.

  12. Leopeva64 said on March 2, 2022 at 12:58 pm
    Reply

    Chrome will soon let you follow your favorite websites (via RSS updates) and the first glimpses of this new feature have already appeared in Canary, Google has added the new ‘Follow site’ entry in the tab context menu:

    https://redd.it/t4lfbm

    .

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.