Chrome v63 – V8 speed improvements

Chrome got a new update today, it’s Browser is now downloadable in version 63. Windows, Mac and Linux users should update as soon as possible, there not only security related fixes, it also changed something on the JavaScript engine (V8) which renders pages a bit faster now.

Official Google Logo
Official Google Chrome Logo

Here is a quick overview what’s changes:

  • Lower memory consumption.
  • New ECMAScript engine functions.
  • Chrome now allows to disable audio for individual pages (that’s good!)
  • Async generator functions updates, developers can now create custom async iterators through async iterator factories.
  • Site isolation.

The rest of the changes

For what’s new in the browser’s DevTools, check out the entire release notes.

Security fixes

  • [$10500][778505] Critical CVE-2017-15407: Out of bounds write in QUIC. Reported by Ned Williamson on 2017-10-26
  • [$6337][762374] High CVE-2017-15408: Heap buffer overflow in PDFium. Reported by Ke Liu of Tencent’s Xuanwu LAB on 2017-09-06
  • [$5000][763972] High CVE-2017-15409: Out of bounds write in Skia. Reported by Anonymous on 2017-09-11
  • [$5000][765921] High CVE-2017-15410: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-09-16
  • [$5000][770148] High CVE-2017-15411: Use after free in PDFium. Reported by Luật Nguyễn (@l4wio) of KeenLab, Tencent on 2017-09-29
  • [$3500][727039] High CVE-2017-15412: Use after free in libXML. Reported by Nick Wellnhofer on 2017-05-27
  • [$500][766666] High CVE-2017-15413: Type confusion in WebAssembly. Reported by Gaurav Dewan(@007gauravdewan) of Adobe Systems India Pvt. Ltd. on 2017-09-19
  • [$3337][765512] Medium CVE-2017-15415: Pointer information disclosure in IPC call. Reported by Viktor Brange of Microsoft Offensive Security Research Team on 2017-09-15
  • [$2500][779314] Medium CVE-2017-15416: Out of bounds read in Blink. Reported by Ned Williamson on 2017-10-28
  • [$2000][699028] Medium CVE-2017-15417: Cross origin information disclosure in Skia . Reported by Max May on 2017-03-07
  • [$1000][765858] Medium CVE-2017-15418: Use of uninitialized value in Skia. Reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs on 2017-09-15
  • [$1000][780312] Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-10-31
  • [$500][777419] Medium CVE-2017-15420: URL spoofing in Omnibox. Reported by WenXu Wu of Tencent’s Xuanwu Lab on 2017-10-23
  • [$TBD][774382] Medium CVE-2017-15422: Integer overflow in ICU. Reported by Yuan Deng of Ant-financial Light-Year Security Lab on 2017-10-13
  • [$500][778101] Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. Reported by Greg Hudson on 2017-10-25
  • [$N/A][756226] Low CVE-2017-15424: URL Spoof in Omnibox. Reported by Khalil Zhani on 2017-08-16
  • [$N/A][756456] Low CVE-2017-15425: URL Spoof in Omnibox. Reported by xisigr of Tencent’s Xuanwu Lab on 2017-08-17
  • [$N/A][756735] Low CVE-2017-15426: URL Spoof in Omnibox. Reported by WenXu Wu of Tencent’s Xuanwu Lab on 2017-08-18
  • [$N/A][768910] Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. Reported by Junaid Farhan (fb.me/junaid.farhan.54) on 2017-09-26
  • [792099] Various fixes from internal audits, fuzzing and other initiatives

At the end of the day it sounds like a normal update but the audio muting feature might be interesting especially for people who having a lots of tabs opening the same time e.g. YouTubers, sound artists or just some which watching and listening to a lot of different sources.

Consumer version
x64
chromeinstaller.exe
ChromeStandaloneSetup64.exe
x86
chrome_installer.exe
ChromeStandaloneSetup.exe

Enterprise version (MSI Installers)
x64
googlechromestandaloneenterprise64.msi
googlechromestandaloneenterprise64.msi
x86
googlechromestandaloneenterprise.msi
googlechromestandaloneenterprise.msi

Linux
x64
google-chrome-stable_current_amd64.deb
x86
google-chrome-stable_current_x86_64.rpm

MacOS
googlechrome.dmg

Google Chrome Cleanup Tool
chrome_cleanup_tool.exe
software_removal_tool.exe

Source

Comments are closed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: