Google Chrome v68.0.3440.75 正式版发布

2018-07-2615:13:09 14 10,232

昨天下午发现Chrome正式版的版本还是67.0.3396.99,今天发现居然发布更新到:68.0.3440.75了.

谷歌浏览器Google Chrome稳定版迎来v68正式版首个版本发布,详细版本号为v68.0.3440.75,上一个正式版v67.0.3396.99发布于6月13日,时隔29天Google又发布了新版Chrome浏览器,本次升级主要是更新了42项安全修复和稳定性改进及用户体验。

Google Chrome v68.0.3440.75 正式版发布

谷歌浏览器v68正式版新增了一项重大的变化,当加载非HTTPS时,该浏览器的处理方式会更加审慎。只要遇到潜在不安全的站点,Chrome都将开始抛出警告信息。虽然不会对日常使用造成太大的影响,但这确实是迄今为止发生的一个重大转变。

网友发现还更新了一个“重量级”的功能:

Google Chrome v68.0.3440.75 正式版发布

直接拦截了运营商的劫持,但是看了下 http 劫持还是存在!

谷歌浏览器v67正式版新增站点隔离功能,可以提高Chrome浏览器的整体安全性,保护用户或最大限度地降低广受媒体关注的Spectre安全漏洞可能导致的攻击风险,该漏洞已经不少于比四个变种。此外,更充分地利用智能手机中的各个传感器,并通过全新的WebXR框架(已经整合了VR和AR的诸多API)为移动端设备带来更好的沉浸式体验。而这些API可用于创建例如桌面迷宫等网页游戏或者类似于数字指南针等实用工具。

官方更新日志:

Chrome稳定版已经更新到v68.0.3440.75
安全修复程序和奖励
更新包括42项安全修复

[$5000][850350] High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07
[$3000][848914] High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01
[$N/A][842265] High CVE-2018-6155: Use after free in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-11
[$N/A][841962] High CVE-2018-6156: Heap buffer overflow in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-10
[$N/A][840536] High CVE-2018-6157: Type confusion in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2018-05-07
[$2000][841280] Medium CVE-2018-6158: Use after free in Blink. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-05-09
[$2000][837275] Medium CVE-2018-6159: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-04-26
[$1000][839822] Medium CVE-2018-6160: URL spoof in Chrome on iOS. Reported by evi1m0 of Bilibili Security Team on 2018-05-04
[$1000][826552] Medium CVE-2018-6161: Same origin policy bypass in WebAudio. Reported by Jun Kokatsu (@shhnjk) on 2018-03-27
[$1000][804123] Medium CVE-2018-6162: Heap buffer overflow in WebGL. Reported by Omair on 2018-01-21
[$500][849398] Medium CVE-2018-6163: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-06-04
[$500][848786] Medium CVE-2018-6164: Same origin policy bypass in ServiceWorker. Reported by Jun Kokatsu (@shhnjk) on 2018-06-01
[$500][847718] Medium CVE-2018-6165: URL spoof in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-05-30
[$500][835554] Medium CVE-2018-6166: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-21
[$500][833143] Medium CVE-2018-6167: URL spoof in Omnibox. Reported by Lnyas Zhang on 2018-04-15
[$500][828265] Medium CVE-2018-6168: CORS bypass in Blink. Reported by Gunes Acar and Danny Y. Huang of Princeton University, Frank Li of UC Berkeley on 2018-04-03
[$500][394518] Medium CVE-2018-6169: Permissions bypass in extension installation . Reported by Sam P on 2014-07-16
[$TBD][862059] Medium CVE-2018-6170: Type confusion in PDFium. Reported by Anonymous on 2018-07-10
[$TBD][851799] Medium CVE-2018-6171: Use after free in WebBluetooth. Reported by amazon@mimetics.ca on 2018-06-12
[$TBD][847242] Medium CVE-2018-6172: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-05-28
[$TBD][836885] Medium CVE-2018-6173: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-04-25
[$N/A][835299] Medium CVE-2018-6174: Integer overflow in SwiftShader. Reported by Mark Brand of Google Project Zero on 2018-04-20
[$TBD][826019] Medium CVE-2018-6175: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-03-26
[$N/A][666824] Medium CVE-2018-6176: Local user privilege escalation in Extensions. Reported by Jann Horn of Google Project Zero on 2016-11-18
[$500][826187] Low CVE-2018-6177: Cross origin information leak in Blink. Reported by Ron Masas (Imperva) on 2018-03-27
[$500][823194] Low CVE-2018-6178: UI spoof in Extensions. Reported by Khalil Zhani on 2018-03-19
[$500][816685] Low CVE-2018-6179: Local file information leak in Extensions. Reported by Anonymous on 2018-02-26
[$500][797461] Low CVE-2018-6044: Request privilege escalation in Extensions . Reported by Rob Wu on 2017-12-23
[$500][791324] Low CVE-2018-4117: Cross origin information leak in Blink. Reported by AhsanEjaz - @AhsanEjazA on 2017-12-03
[866821] Various fixes from internal audits, fuzzing and other initiatives
The following bugs were fixed in previous Chrome releases, but were mistakenly omitted from the release notes at the time:
[$1000][812667] Medium CVE-2018-6150: Cross origin information disclosure in Service Workers. Reported by Rob Wu on 2018-02-15
[$500][805905] Medium CVE-2018-6151: Bad cast in DevTools. Reported by Rob Wu on 2018-01-25
[$2000][805445] Medium CVE-2018-6152: Local file write in DevTools. Reported by Rob Wu on 2018-01-24

附上常用最新的Google Chrome 浏览器下载地址:

Stable 稳定版 32 位( 68.0.3440.75)

Stable 稳定版 64 位( 68.0.3440.75)

Beta 测试版 32 位( 68.0.3440.68)

Beta 测试版 64 位( 68.0.3440.68)

weinxin
老D博客 微信公众号
请大佬们关注订阅老D博客微信公众号, 扫一扫关注,从此不迷路。 不定时放出邀请码、福利、推送更新等...
网络加速器推荐

发表评论

您必须才能发表评论!

目前评论:14   其中:访客  12   博主  2

    • avatar handy 0

      请教老D:1、MAC,之前未安装过chrome,下载的exe文件如何安装?2、64位和32位选哪个?

      • avatar laohe12138 3

        下了之后为什么安装不了?

        • avatar xuhp 0

          还不错啊

          • avatar xiaodi 0

            为什么我早早地用上了chrome69呢???我感觉那个标签面真的是辣眼睛,就是以前firefox不用了的标签风格,有点受不了

            • avatar 8369048 0

              我这儿更新之后似乎出现了视频播放不能全屏的问题……不知道有没有人遇到同样的问题

              • avatar lzw121212 0

                老D,怎么更新到最新版本后,浏览器整体颜色变成黄了 :?:

                • avatar mingtiannihao 2

                  是不是得把旧版的chrome删除才能安装啊,老D?

                  • avatar shelwinsu 1

                    还有内置最新的Material Design UI设计,启动Material Design UI,“chrome://flags/#top-chrome-md”户选择Refresh :mrgreen:

                    • avatar ZXP123 0

                      你好老D,我下载了你给的安装包为啥电脑打不开那个chrome的安装包呢

                      • avatar lc79320 1

                        不能自动更新怎么解决

                          • avatar soys 1

                            @lc79320 关闭浏览器,使用管理员权限打开就行了…更新完提示重启后,把谷歌浏览器的进程都清了再打开试试?

                          • avatar 张先森的肩是有海的夏天 1

                            stable 和beta 有啥区别?