Collaborate Disseminate
Posted by Chrome Root Program, Chrome Security Team Note: This post is a follow-up to discussions carried out on the Mozilla “Dev Security Policy” Web PKI public discussion forum Google Group in December 2022. Google Chrome communicated its distrust of… Continue reading Sustaining Digital Certificate Security – TrustCor Certificate Distrust
Posted by Dana Jansens (she/her), Chrome Security Team We are pleased to announce that moving forward, the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium. To do so, we are now actively pursuing adding a… Continue reading Supporting the Use of Rust in the Chromium Project
Posted by Benjamin Ackerman, Chrome Security and Jonathan Li, Safe Browsing As a follow-up to a previous blog post about How Hash-Based Safe Browsing Works in Google Chrome, we wanted to provide more details about Safe Browsing’s Enhanced Protection m… Continue reading Enhanced Protection – The strongest level of Safe Browsing protection Google Chrome has to offer
Posted by Adrian Taylor, Bartek Nowierski and Kentaro Hara on behalf of the MiraclePtr team Memory safety bugs are the most numerous category of Chrome security issues and we’re continuing to investigate many solutions – both in C++ and in new program… Continue reading Use-after-freedom: MiraclePtr
By Rohit Bhatia, Mollie Bates, Google Chrome Security There are various threats a user faces when browsing the web. Users may be tricked into sharing sensitive information like their passwords with a misleading or fake website, also called phishing. Th… Continue reading How Hash-Based Safe Browsing Works in Google Chrome
Adrian Taylor, Andrew Whalley, Dana Jansens and Nasko Oskov, Chrome security team Security is a cat-and-mouse game. As attackers innovate, browsers always have to mount new defenses to stay ahead, and Chrome has invested in ever-stronger multi-process … Continue reading An update on Memory Safety in Chrome
Posted by Martin Barbella, Chrome Vulnerability Rewards PanelistStarting today, the Chrome Vulnerability Rewards Program is offering a new bonus for reports which demonstrate exploitability in V8, Chrome’s JavaScript engine. We have historically had ma… Continue reading Announcing Bonus Rewards for V8 Exploits
Posted by Daniel Rubery, Software Engineer, Chrome, Ryan Rasti, Software Engineer, Safe Browsing, and Eric Mill, Product Manager, Chrome SecurityGoogle’s Advanced Protection Program helps secure people at higher risk of targeted online attacks, like jo… Continue reading Improved malware protection for users in the Advanced Protection Program
Google has made several new announcements for its Chrome Web Store that aims at making Chrome extensions more secure and transparent to its users.
Over a couple of years, we have seen a significant rise in malicious extensions that appear to offer use… Continue reading Google Announces 5 Major Security Updates for Chrome Extensions
Although over three months remaining, Google has planned a New Year gift for the Internet users, who’re concerned about their privacy and security.
Starting in January of 2017, the world’s most popular web browser Chrome will begin labeling HTTP sites that transmit passwords or ask for credit card details as “Not Secure” — the first step in Google’s plan to discourage the use of sites that
Continue reading Google Chrome to Label Sensitive HTTP Pages as “Not Secure”