谷歌浏览器Google Chrome稳定版迎来v72首个版本发布,详细版本号为v72.0.3626.81,上一个正式版v71.0.3578.98发布于12月13日,时隔48天Google又发布了新版Chrome浏览器,本次升级主要是更新了58项安全修复和稳定性改进及用户体验。
谷歌浏览器v72正式版改进了与其它几大Web浏览器的互操作性,不赞成继续提供对TLS 1.0/1.1标准的支持(预计在2020年初的Chrome 81中彻底移除)。
谷歌浏览器v71正式版添加了以屏蔽恶意诱导性广告,并通过显示收费警告的方式打击恶意广告行为的新功能。Chorme也会静音那些打开时自动播放声音的网页,用户必须手动点击播放按钮才能播放语音合成内容,用户不主动操作那么直接禁止音频的播放。
谷歌浏览器v70正式版引入了诸多新的功能,包括画中画功能,禁用谷歌绑定登陆,在Windows平台支持Progressive Web Apps,允许用户严苛限制扩展可访问的网站白名单,此外还有AV1解码器等。
Chrome稳定版已经更新到v72.0.3626.81
安全修复程序和奖励
更新包括58项安全修复
[$7500][914497] Critical CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
[$N/A][906043] High CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
[$5000][913296] High CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
[$5000][895152] High CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
[$3000][915469] High CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
[$3000][913970] High CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
[$3000][912211] High CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
[$3000][912074] High CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
[$3000][904714] High CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
[$3000][900552] High CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
[$1000][914731] High CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
[$1000][913246] High CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
[$N/A][922677] High: Use after free in FileAPI. Reported by Mark Brand of Google Project Zero on 2019-01-16
[$TBD][922627] High CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
[$N/A][916080] High: Use after free in Mojo interface. Reported by Mark Brand of Google Project Zero on 2018-12-18
[$N/A][912947] High: Use after free in Payments. Reported by Mark Brand of Google Project Zero on 2018-12-07
[$N/A][912520] High: Use after free in Mojo interface. Reported by Mark Brand of Google Project Zero on 2018-12-06
[$N/A][899689] High: Stack buffer overflow in Skia. Reported by Ivan Fratric of Google Project Zero on 2018-10-29
[$4000][907047] Medium CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
[$2000][902427] Medium CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
[$2000][805557] Medium CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
[$1000][913975] Medium CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
[$1000][908749] Medium CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27
[$1000][904265] Medium CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
[$500][908292] Medium CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
[$N/A][917668] Medium CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
[$N/A][904182] Medium CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
[$N/A][896722] Medium CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[$N/A][863663] Medium CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
[$N/A][849421] Medium CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
[$500][918470] Low CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
[$500][904219] Low CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
[$500][891697] Low CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
[$N/A][896725] Low CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
[926238] Various fixes from internal audits, fuzzing and other initiatives
Google Chrome 稳定版 离线安装包 官方本地下载地址:
Google Chrome v72.0.3626.81 无更新功能版 32位
SHA1:FBF58557825D4F5E9840B5D20E9EAE2CFD7634C8
SHA256:A4835EE8A598DA9311E83668E7FCADF15A04034DA8220557EB6FAAED5C55096D
http://dl.google.com/release2/chrome/AKhIoWXPYOV1_72.0.3626.81/72.0.3626.81_chrome_installer.exe
https://dl.google.com/release2/chrome/AKhIoWXPYOV1_72.0.3626.81/72.0.3626.81_chrome_installer.exe
http://www.google.com/dl/release2/chrome/AKhIoWXPYOV1_72.0.3626.81/72.0.3626.81_chrome_installer.exe
Google Chrome v72.0.3626.81 无更新功能版 64位
SHA1:7868375815E30713197632544FCCB958A71D3ACE
SHA256:6D5C52FFCE1D9FE1D558394D4CE9DE31202445EAE7262A50C11A3F6184E50AAB
http://dl.google.com/release2/chrome/KDa2LYdcPTQ_72.0.3626.81/72.0.3626.81_chrome_installer.exe
https://dl.google.com/release2/chrome/KDa2LYdcPTQ_72.0.3626.81/72.0.3626.81_chrome_installer.exe
http://www.google.com/dl/release2/chrome/KDa2LYdcPTQ_72.0.3626.81/72.0.3626.81_chrome_installer.exe
https://www.google.com/dl/release2/chrome/KDa2LYdcPTQ_72.0.3626.81/72.0.3626.81_chrome_installer.exe
Google Chrome v72.0.3626.81 Mac版
SHA1:38E488795DF78C35316B96BC885D1103097EC422
SHA256:5C6B2496353A2DFB4388FBEDB682492C8EF10BD61282CDF5A6157813901E7F0E
http://dl.google.com/release2/chrome/ANDcT3GBQJm__72.0.3626.81/GoogleChrome-72.0.3626.81.dmg
https://dl.google.com/release2/chrome/ANDcT3GBQJm__72.0.3626.81/GoogleChrome-72.0.3626.81.dmg
http://www.google.com/dl/release2/chrome/ANDcT3GBQJm__72.0.3626.81/GoogleChrome-72.0.3626.81.dmg
https://www.google.com/dl/release2/chrome/ANDcT3GBQJm__72.0.3626.81/GoogleChrome-72.0.3626.81.dmg
Google Chrome 官方带更新功能版 网盘:
https://www.lanzous.com/b138066