Google fixes 17 security issues in latest Chrome 115 update
Google has released a point update for Chrome 115; this update patches 17 different security issues in the desktop and Android versions of the web browser.
Google Chrome installations will be updated automatically in the coming days and weeks. Desktop users may speed up the installation of the security update in the following way:
- Load chrome://settings/help in the browser's address bar or select Menu > Help > About Google Chrome.
- Chrome runs a check for updates and displays the current version that is installed. Any new version that it finds is downloaded and installed at this point.
- Restart the browser.
The About page should list one of the following versions after the latest update has been installed:
- Chrome for Mac and Linux: 115.0.5790.170
- Chrome for Windows: 115.0.5790.170 or 115.0.5790.171
Chrome for Android updates are powered by Google Play and there is no way to speed up getting the update. Chrome for Android should display version 115.0.5790.166, which Chrome users may check in the following way on Android:
- Select Menu and then Help and Feedback.
- Select Menu on the Help and Feedback page and there Version info,
Google Chrome 115: the 17 security issues
Google lists externally reported security issues that it fixed only on the Chrome Releases blog. The 11 listed vulnerabilities have a severity of high or medium, and none appear to be exploited in the wild, as Google makes no mention of that.
The vulnerabilities exploit type confusions, heap buffer overflows, out of bounds memory access, use after free and other issues in the desktop and mobile web browser.
Administrators and home users should update Google Chrome as soon as possible to protect the browser against attacks that target the vulnerabilities.
Google released Chrome 115 in mid-July. The version upgrade patched 20 different security issues in the web browser.
The next version of Google Chrome, Chrome 116, is expected to be released next Wednesday, August 9th, 2023.
Now You. do you have Chrome installed?
Barely the article is up and two shit posts by les Firefox users already. Here is your usual medicine: Nobody cares about your browser. People only use Chrome / Chromium and Safari. As such, only they are getting attacked by hackers at scale. Just because almost nobody looks at the Firefox codebase at all, does not mean it is secure.
Your daily dose of realism, brought to you by your friendly Iron Heart.
Iron >”Barely the article is up and two shit posts by les Firefox users already. Here is your usual medicine: Nobody cares about your browser. People only use Chrome / Chromium and Safari.”
I don’t use Firefox, so I know you aren’t talking about me. But I do find it interesting that you state that no one uses it just one day after theregister stated that your favorite browser only has a tiny fraction of the user base of Firefox: “The Brave browser, we’re told, currently has about 57.76 million monthly active users. Mozilla Firefox, as a point of comparison, has about 187 million monthly active users.”[1]
[1]”Brave cuts ties with Bing to offer its own image and video search results”, theregister[dot]com, Aug 3, 2023
@Andy Prough
> But I do find it interesting that you state that no one uses it just one day after theregister stated that your favorite browser only has a tiny fraction of the user base of Firefox
Highly intelligent point you make there, Brave is based on Chromium which has 80% market share in the browser market. When discussing Brave, you are discussing Chromium. Firefox has like, what? 3% market share? Just because Brave itself is smaller, does not mean the tech that it is based on is smaller, you absolute genius.
@Iron Heart I hardly ever agree with you, but I definitely saw things from your perspective when I read Andy’s post, which amounts to just unnecessary, empty space.
Whatever sad compulsion Andy feels to constantly talk against chromium, you feel an opposite but equal compulsion to defend it – I don’t know if that makes you both sad, but it’s fun to read regardless.
Personally I am just not gonna give attention to chromium as it’s developed by Google, even if that means using an inferior browser. I used Chrome for years, don’t hate it by any means, don’t mind admitting are some blatant things which it does far better than Firefox.
But I have a question, does Chromium have any equivalent to userchrome.css – firefox sucks but I can edit nearly any aspect of it, even UI behaviours, and I can have wanted add-ons show up without having to click an “extensions” button. Does any chromium browser have this level of control? Let me know as I would recommend it to my brother – this is the one saving grace which makes me appreciate firefox, as I haven’t been able to find it elsewhere.
What made me step away from chrome was this: every time there was a change I didn’t like, there was an experimental flag to let you keep the change, and then later they remove the flag, this happened so many times I just got fed up of it. To the best of my knowledge, chromium browsers just follow chrome’s lead on most things. Tab discarding was a big thing for me, used to be you could just not have it enabled at all, then it was moved to an experimental flag, then there was no method for controlling it – so I tried Brave, and a short while later, Brave also lost the ability to control this feature. MONTHS later, Google revamps the discarding system and brings it back, but that was too late for me, I don’t like waiting for months for features to be re-added.
Always fun to discuss browsers!
@bruh
> But I have a question, does Chromium have any equivalent to userchrome.css – firefox sucks but I can edit nearly any aspect of it, even UI behaviours, and I can have wanted add-ons show up without having to click an “extensions” button.
Chromium hardly has any UI customization at all. Vivaldi is based on Chromium and is heavily customizable, via CSS: _https://old.reddit.com/r/VivaldiCSS/_
Note that the interface is often subject to change, and so are the related CSS tweaks.
> What made me step away from chrome was this: every time there was a change I didn’t like, there was an experimental flag to let you keep the change, and then later they remove the flag, this happened so many times I just got fed up of it.
Yeah the UI-related flags especially are short-lived. When a new interface (feature) is implemented, the code of the prior implementation is retained for a time, and then removed, which then also means the flag is gone. It’s the same with Firefox though – when the current Proton interface got implemented and supplanted Photon, you could reactivate Photon for, like, 2 versions after, and then the about:config setting to re-enable Photon was gone, and so was the related code. You were then dependent on modifying it with unsupported CSS. Only the web standard-related about:config settings in Firefox are really long-standing / permanent.
> To the best of my knowledge, chromium browsers just follow chrome’s lead on most things.
Yes, because the Chrome UI is basically the Chromium UI. Most browsers forking Chromium retain said UI, only Vivaldi (to my knowledge) built a wrapper around it that is modifiable with CSS. The Brave interface is the Chrome interface, slightly modified but equally unfriendly towards customization. I don’t mind, because I like it. But if you are heavily into modifying interfaces to your liking, I can see why you would dislike its lack of flexibility.
> Whatever sad compulsion Andy feels to constantly talk against chromium, you feel an opposite but equal compulsion to defend it – I don’t know if that makes you both sad, but it’s fun to read regardless.
Yeah it’s less about Chromium to me than it is about intellectual honesty, believe it or not. In order to say that Firefox is more secure (it isn’t, but hey…), you would first have to prove that it is attacked with a frequency anywhere near the frequency Chromium is attacked at. This will be hard to do. If hardly anyone cares to look, it is easy to come out with nominally fewer security issues, however the absolute number is not proving anything at all. In order to make any judgments here, you would have compare the actual codebases of both products, and from what I gather Firefox is actually lacking several important exploit mitigations like actual side isolation (in Firefox, it is still possible that completely different websites run in the same process). Since that is the case, recommending it over Chromium, based on the dishonestly used assertion that it has nominally (and not actually) fewer security issues (due to a lack of attacks, due to irrelevancy), is astroturfing worthy of a clown to me. It’s not based on anything other than a purposefully misleading discussion of a nominal number, which is lacking important context. Hope that makes sense.
There is no point in myself defending the security of any browser. Naturally, as the gateway to the internet, a browser will be often attacked, and security issues will be found. Therefore, I would be stupid to declare it “secure” – it isn’t, and can’t be, as software (development) is always in flux and so are the bad guys testing it. But the intellectual dishonesty of people astroturfing for an irrelevant competitor product can and should be called out.
I suspect that my special friend Andy here is angered that not everyone is astroturfing for the irrelevant projects he supports, and is weirdly wanting to “show it to me” whenever a Chromium security-related article is coming up. It is as predictable by now as it is clown-like.
@bruh you don’t count you’re a google stan
>”out of bounds memory access”
Too bad there aren’t any memory safe programming languages google could possibly use, instead of slopping together their web browser with chicken wire and duct tape.
Hey Andy:
Left: You when posting on the Pale Moon forum, Phoronix
Right: You when posting on gHacks.
_https://i.kym-cdn.com/entries/icons/original/000/031/021/cover2.jpg_
Cool story bro, except that I’ve never breathed a word in opposition to Google cleaning up their slop-fest of an insecure code base with memory safe programming languages on the Pale Moon forum. This sounds like a case of mistaken identity. But no problem, no need to apologize, we all make mistakes.
only 17? I guess they’re slipping