Google Chrome

Google Chrome 62.0.3202.94

Has Chrome changed how it updates itself? I ask because I never see Chrome update itself....usually the 3 little dots in upper right corner usually go orange to let one know there's an update. It doesn't do that anymore (for me) yet when I check to see if there's an update I always seem to have the latest version installed already.
 
Not that know of but check the changelogs of recent releases. Sometimes I need to update manually and other times the browser itself has beat me to it.
 
Has Chrome changed how it updates itself? I ask because I never see Chrome update itself....usually the 3 little dots in upper right corner usually go orange to let one know there's an update. It doesn't do that anymore (for me) yet when I check to see if there's an update I always seem to have the latest version installed already.
It's called silent update :)
 
Google has released Version 54.0.2840.59 of the Chrome browser.
Stable Channel Update for Desktop
Wednesday, October 12, 2016
The Chrome team is delighted to announce the promotion of Chrome 54 to the stable channel - 54.0.2840.59 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.


Chrome 54.0.2840.59 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 54.
Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 21 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7500][645211] High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous
[$5500][638615] High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN
[$3000][645122] High CVE-2016-5183: Use after free in PDFium. Credit to Anonymous
[$3000][630654] High CVE-2016-5184: Use after free in PDFium. Credit to Anonymous
[$3000][621360] High CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer
[$1000][639702] High CVE-2016-5187: URL spoofing. Credit to Luan Herrera
[$3133.7][565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera
[$1000][633885] Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit to [email protected]
[$500][646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr of Tencent's Xuanwu Lab
[$500][644963] Medium CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman Alqabandi (@qab)
[$500][639126] Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes
[$N/A][642067] Medium CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen of OUSPG
[$500][639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU (martinzhou96)

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [654782] CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Richard Bustamante
Google Chrome
 
Google has released Version 54.0.2840.71 of the Chrome browser.
Stable Channel Update for Desktop
Thursday, October 20, 2016
The stable channel has been updated to 54.0.2840.71 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Richard Bustamante
Google Chrome
 
Google has released Version 54.0.2840.87 of the Chrome browser.
Stable Channel Update for Desktop
Tuesday, November 1, 2016
The stable channel has been updated to 54.0.2840.87 for Windows, Mac, and 54.0.2840.90 for Linux. This will roll out over the coming days/weeks.


A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Richard Bustamante
Google Chrome
 
Google has released Version 54.0.2840.99 of the Chrome browser.
Stable Channel Update for Desktop
Wednesday, November 9, 2016
The stable channel has been updated to 54.0.2840.99 for Windows, 54.0.2840.98 for Mac, and 54.0.2840.100 on Linux. This will roll out over the coming days/weeks.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$5500][643948] High CVE-2016-5199: Heap corruption in FFmpeg. Credit to Paul Mehta
[$5000][658114] High CVE-2016-5200: Out of bounds memory access in V8. Credit to Choongwoo Han
[$1000][660678] Medium CVE-2016-5201: Info leak in extensions. Credit to Rob Wu
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [662843] CVE-2016-5202: Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.



A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Richard Bustamante
Google Chrome
 
A huge update for Chrome 55.0.2883.75 which fixes 36 Security Updates as well as much more:
Stable Channel Update for Desktop
Thursday, December 1, 2016
The Chrome team is delighted to announce the promotion of Chrome 55 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 55.0.2883.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 55.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 36 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$N/A][664411] High CVE-2016-9651: Private property access in V8. Credit to Guang Gong of Alpha Team Of Qihoo 360
[$7500][658535] High CVE-2016-5208: Universal XSS in Blink. Credit to Mariusz Mlynski
[$7500][655904] High CVE-2016-5207: Universal XSS in Blink. Credit to Mariusz Mlynski
[$7500][653749] High CVE-2016-5206: Same-origin bypass in PDFium. Credit to Rob Wu (robwu.nl)
[$7500][646610] High CVE-2016-5205: Universal XSS in Blink. Credit to Anonymous
[$7500][630870] High CVE-2016-5204: Universal XSS in Blink. Credit to Mariusz Mlynski
[$5000][664139] High CVE-2016-5209: Out of bounds write in Blink. Credit to Giwan Go of STEALIEN
[$3000][644219] High CVE-2016-5203: Use after free in PDFium. Credit to Anonymous
[$3500][654183] High CVE-2016-5210: Out of bounds write in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB
[$3000][653134] High CVE-2016-5212: Local file disclosure in DevTools. Credit to Khalil Zhani
[$3000][649229] High CVE-2016-5211: Use after free in PDFium. Credit to Anonymous
[$500][652548] High CVE-2016-5213: Use after free in V8. Credit to Khalil Zhani
[$N/A][601538] Medium CVE-2016-5214: File download protection bypass. Credit to Jonathan Birch and MSVR
[$3000][653090] Medium CVE-2016-5216: Use after free in PDFium. Credit to Anonymous
[$3000][619463] Medium CVE-2016-5215: Use after free in Webaudio. Credit to Looben Yang
[$2500][654280] Medium CVE-2016-5217: Use of unvalidated data in PDFium. Credit to Rob Wu (robwu.nl)
[$2000][660498] Medium CVE-2016-5218: Address spoofing in Omnibox. Credit to Abdulrahman Alqabandi (@qab)
[$1500][657568] Medium CVE-2016-5219: Use after free in V8. Credit to Rob Wu (robwu.nl)
[$1000][660854] Medium CVE-2016-5221: Integer overflow in ANGLE. Credit to Tim Becker of ForAllSecure
[$1000][654279] Medium CVE-2016-5220: Local file access in PDFium. Credit to Rob Wu (robwu.nl)
[$500][657720] Medium CVE-2016-5222: Address spoofing in Omnibox. Credit to xisigr of Tencent's Xuanwu Lab
[$N/A][653034] Low CVE-2016-9650: CSP Referrer disclosure. Credit to Jakub Żoczek
[$N/A][652038] Low CVE-2016-5223: Integer overflow in PDFium. Credit to Hwiwon Lee
[$N/A][639750] Low CVE-2016-5226: Limited XSS in Blink. Credit to Jun Kokatsu (@shhnjk)
[$N/A][630332] Low CVE-2016-5225: CSP bypass in Blink. Credit to Scott Helme (@Scott_Helme, scotthelme.co.uk)
[$N/A][615851] Low CVE-2016-5224: Same-origin bypass in SVG. Credit to Roeland Krak
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [669928] CVE-2016-9652: Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna Govind
Google Chrome
 
Google has released Version 55.0.2883.87 of the Chrome browser.
Stable Channel Update for Desktop
Friday, December 9, 2016
The stable channel has been updated to 55.0.2883.87 for Windows and Mac. This will roll out over the coming days/weeks (Linux update will be coming next week).


A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Krishna Govind
Google Chrome
 
Google has released Version 56.0.2924.76 of the Chrome browser.
Stable Channel Update for Desktop
Wednesday, January 25, 2017
The Chrome team is delighted to announce the promotion of Chrome 56 to the stable channel - 56.0.2924.76 for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 56.0.2924.76 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 56.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 51 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.


[$8837][671102] High CVE-2017-5007: Universal XSS in Blink. Credit to Mariusz Mlynski
[$8000][673170] High CVE-2017-5006: Universal XSS in Blink. Credit to Mariusz Mlynski
[$8000][668552] High CVE-2017-5008: Universal XSS in Blink. Credit to Mariusz Mlynski
[$7500][663476] High CVE-2017-5010: Universal XSS in Blink. Credit to Mariusz Mlynski
[$3000][662859] High CVE-2017-5011: Unauthorised file access in Devtools. Credit to Khalil Zhani
[$3000][667504] High CVE-2017-5009: Out of bounds memory access in WebRTC. Credit to Sean Stanek and Chip Bradford
[$5500][681843] High CVE-2017-5012: Heap overflow in V8. Credit to Gergely Nagy (Tresorit)
[$2000][677716] Medium CVE-2017-5013: Address spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
[$2000][675332] Medium CVE-2017-5014: Heap overflow in Skia. Credit to sweetchip
[$2000][673971] Medium CVE-2017-5015: Address spoofing in Omnibox. Credit to Armin Razmdjou
[$2000][666714] Medium CVE-2017-5019: Use after free in Renderer. Credit to Wadih Matar
[$1000][673163] Medium CVE-2017-5016: UI spoofing in Blink. Credit to Haosheng Wang (@gnehsoah)
[$500][676975] Medium CVE-2017-5017: Uninitialised memory access in webm video. Credit to danberm
[$500][668665] Medium CVE-2017-5018: Universal XSS in chrome://apps. Credit to Rob Wu
[$TBD][668653] Medium CVE-2017-5020: Universal XSS in chrome://downloads. Credit to Rob Wu
[$N/A][663726] Low CVE-2017-5021: Use after free in Extensions. Credit to Rob Wu
[$N/A][663620] Low CVE-2017-5022: Bypass of Content Security Policy in Blink. Credit to 李普君 of 无声信息技术PKAV Team
[$N/A][651443] Low CVE-2017-5023: Type confusion in metrics. Credit to the UK's National Cyber Security Centre (NCSC)
[$N/A][643951] Low CVE-2017-5024: Heap overflow in FFmpeg. Credit to Paul Mehta
[$N/A][643950] Low CVE-2017-5025: Heap overflow in FFmpeg. Credit to Paul Mehta
[$500][634108] Low CVE-2017-5026: UI spoofing. Credit to Ronni Skansing


We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.


As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [685349] Various fixes from internal audits, fuzzing and other initiatives


Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Richard Bustamante
Google Chrome
 
Google has released Version 56.0.2924.87 of the Chrome browser.
Stable Channel Update for Desktop
Wednesday, February 1, 2017
The stable channel has been updated to 56.0.2924.87 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.


A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Richard Bustamante
Google Chrome
 
Google has released Version 57.0.2987.98 of the Chrome browser.
Stable Channel Update for Desktop
Thursday, March 9, 2017
The Chrome team is delighted to announce the promotion of Chrome 57 to the stable channel - 57.0.2987.98 for Windows, Mac and Linux. This will roll out over the coming days/weeks.

Chrome 57.0.2987.98 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 57.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 36 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7500][682194] High CVE-2017-5030: Memory corruption in V8. Credit to Brendon Tiszka
[$5000][682020] High CVE-2017-5031: Use after free in ANGLE. Credit to Looben Yang
[$3000][668724] High CVE-2017-5032: Out of bounds write in PDFium. Credit to Ashfaq Ansari - Project Srishti
[$3000][676623] High CVE-2017-5029: Integer overflow in libxslt. Credit to Holger Fuhrmannek
[$3000][678461] High CVE-2017-5034: Use after free in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB
[$3000][688425] High CVE-2017-5035: Incorrect security UI in Omnibox. Credit to Enzo Aguado
[$3000][691371] High CVE-2017-5036: Use after free in PDFium. Credit to Anonymous
[$1000][679640] High CVE-2017-5037: Multiple out of bounds writes in ChunkDemuxer. Credit to Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com)
[$500][679649] High CVE-2017-5039: Use after free in PDFium. Credit to jinmo123
[$2000][691323] Medium CVE-2017-5040: Information disclosure in V8. Credit to Choongwoo Han
[$1000][642490] Medium CVE-2017-5041: Address spoofing in Omnibox. Credit to Jordi Chancel
[$1000][669086] Medium CVE-2017-5033: Bypass of Content Security Policy in Blink. Credit to Nicolai Grødum
[$1000][671932] Medium CVE-2017-5042: Incorrect handling of cookies in Cast. Credit to Mike Ruddy
[$1000][695476] Medium CVE-2017-5038: Use after free in GuestView. Credit to Anonymous
[$1000][683523] Medium CVE-2017-5043: Use after free in GuestView. Credit to Anonymous
[$1000][688987] Medium CVE-2017-5044: Heap overflow in Skia. Credit to Kushal Arvind Shah of Fortinet's FortiGuard Labs
[$500][667079] Medium CVE-2017-5045: Information disclosure in XSS Auditor. Credit to Dhaval Kapil (vampire)
[$500][680409] Medium CVE-2017-5046: Information disclosure in Blink. Credit to Masato Kinugawa
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [699618] Various fixes from internal audits, fuzzing and other initiatives


Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.
Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna Govind
Google Chrome
 
Google has released Version 57.0.2987.110 of the Chrome browser.
Stable Channel Update for Desktop
Thursday, March 16, 2017
The stable channel has been updated to 57.0.2987.110 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.


A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Krishna Govind
Google Chrome
 
Google has released Version 57.0.2987.133 of the Chrome browser.

Stable Channel Update for Desktop
Wednesday, March 29, 2017
The stable channel has been updated to 57.0.2987.133 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.


Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$9337][698622] Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
[$3000][699166] High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs
[$1000][662767] High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
[$N/A][705445] High CVE-2017-5056: Use after free in Blink. Credit to anonymous
[$N/A][702058] High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.
A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna Govind
Google Chrome
 
Google has released Version 58.0.3029.81 of the Chrome browser.
Stable Channel Update for Desktop
Wednesday, April 19, 2017
The Chrome team is delighted to announce the promotion of Chrome 58 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.


Chrome 58.0.3029.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 58.
Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 29 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.


[$3000][695826] High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
[$2000][694382] High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
[$N/A][684684] High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
[$2000][683314] Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
[$2000][672847] Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
[$1500][702896] Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
[$1000][700836] Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
[$1000][693974] Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
[$500][704560] Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
[$500][690821] Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
[$500][648117] Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
[$N/A][691726] Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman


We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.


As usual, our ongoing internal security work was responsible for a wide range of fixes:
  • [713205] Various fixes from internal audits, fuzzing and other initiatives


Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer.


Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Krishna Govind
Google Chrome
 
Google has released Version 58.0.3029.96 of the Chrome browser.
Stable Channel Update for Desktop
Tuesday, May 2, 2017
The stable channel has been updated to 58.0.3029.96 for Windows, Mac, and Linux. This will roll out over the coming days/weeks.
In order to improve stability, performance, and security, users who are currently on 32-bit version of Chrome, and 64-bit Windows with 4GB or more of memory and auto-update enabled will be automatically migrated to 64-bit Chrome during this update. 32-bit Chrome will still be available via the Chrome download page.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 1 security fix contributed by external researchers. Please see the Chrome Security Page for more information.
[$500][679306] High CVE-2017-5068: Race condition in WebRTC. Credit to Philipp Hancke

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Krishna Govind
Google Chrome
 
Back
Top