Software-update: Google Chrome 4.0.249.78

Google heeft maandag de eerste stabiele versie uitgebracht van versie 4.0 voor Windows van zijn webbrowser Chrome. De update heeft versienummer 4.0.249.78 en kan via de updatefunctie in de browser zelf of vanaf deze pagina binnen worden gehaald. Nieuw in versie 4.0 is de ondersteuning voor extensions, zoals we die ook kennen van Mozilla Firefox. Ook nieuw is de mogelijkheid om bookmarks te synchroniseren, wat handig is wanneer er op meerdere computers gesurft wordt. Verder worden zijn er nieuwe html5-api's toegevoegd, is de browser een stuk sneller geworden en zijn er diverse beveiligingsproblemen verholpen. Hieronder zijn de belangrijkste veranderingen sinds versie 3.0 voor je op een rijtje gezet:

Stable Channel Update

The stable channel has been updated to 4.0.249.78 for Windows, and includes the following features and security fixes (since 3.0):

• Extensions
• Bookmark sync
• Enhanced developer tools
• HTML5: Notifications, Web Database, Local Storage, WebSockets, Ruby support
• v8 performance improvements
• Skia performance improvements
• Full ACID3 pass, due to re-enabled remote font support (with added defense against bugs in operating system font libraries)
• HTTP byte range support
• New security feature: "Strict Transport Security" support
• Experimental new anti-reflected-XSS feature called "XSS Auditor"

Security Fixes:

Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

• [3275] Low Pop-up blocker bypass. Credit to Google Chrome Security Team (SkyLined).
• [9877] Medium Cross-domain theft due to CSS design error. Credit to Chris Evans of the Google Security Team.
• [12523] Medium Browser memory error with stale pop-up block menu. Credit to Jacob Balle and Carsten Eiram, Secunia Research.
• [20450] Low Prevent XHR to directories. Credit to the Chromium development community.
• [23693] Low Escape more characters in shortcuts. Credit to Michal Zalewski of the Google Security Team and, independently, Inferno of SecureThoughts.com.
• [8864] [24701] [24646] High Renderer memory errors drawing on canvases. Credit to Michal Zalewski of the Google Security Team and Google Chrome Security Team (SkyLined).
• [28566] High Image decoding memory error. Credit to Robert Swiecki of the Google Security Team.
• [29920] Low Corner case failure to strip Referer. Credit to the Chromium development community.
• [30666] High Cross-domain access error. Credit to Tokuji Akamine, Senior Consultant at Symantec Consulting Services.
• [31307] High Bitmap deserialization error. Credit to Mark Dowd, under contract to Google Chrome Security Team.
• [31517] Low Browser crash with nested URL.