#开源项目# 谷歌浏览器 Google Chrome v90.0.4430.72 正式版

谷歌浏览器Google Chrome正式版迎来v90首个版本发布,详细版本号为v90.0.4430.72,上一个正式版v89.0.4389.128发布于4月14日,时隔1天Google又发布了新版Chrome浏览器,本次升级主要是更新了安全修复和稳定性改进及用户体验。

新版变化

Chrome v90.0.4430.72 正式版(2021-04-15)
blog.chromium.org
blog.google/products/chrome
googlechromereleases.blogspot.com

谷歌浏览器v90正式版主要更新,引入了许多以用户为中心的功能改进,辅以安全性方面的进一步提升。默认向目标网站链接均启用SSL安全传输协议(HTTPS),全新AV1开源视频编码器的技术支持,高清视频占用大幅减小。新增窗口重命名功能,可重命名已打开的多个窗口,可记住窗口的配置,遇到崩溃重启会自动恢复状态。还有WebXR深度API、启用了URL协议设置程序、效果叠加层、以及安全性方面的诸多改进,比如为了防范缓解NAT Slipstream 2.0攻击,而屏蔽封锁了通过554端口的HTTP/HTTPS/FTP服务器访问。

谷歌浏览器v89正式版主要更新,修复了一个零日漏洞,建议用户尽快更新。优化了对WebHID、WebNFC和Web Serial等适用于HID设备API的支持,此外NFC和串行设备也被认为可以投入生产使用。还初步为WebRTC添加了对AV1编码的支持。此外桌面端还带来了Web Share和Web Share Target支持以及其他增强功能。

谷歌浏览器v88正式版主要更新,改进深色主题支持,优化深色模式,覆盖设置、书签、历史、新标签页等更多内部页面的滚动条。停止对FTP的支持,无法使用Chrome作为FTP客户端,不再支持ftp://开头的地址。停止对Mac OS Yosemite的支持,结束对旧版浏览器附加组件的支持,减少请求许可干扰,优化适用于Chrome OS的浅色和深色模式。

安全修复和奖励

Chrome v90.0.4430.72,此更新包括37个安全修复程序。
[$20000][1025683] High CVE-2021-21201: Use after free in permissions. Reported by Gengming Liu and Jianyu Chen when working at Tencent KeenLab on 2019-11-18
[$10000][1188889] High CVE-2021-21202: Use after free in extensions. Reported by David Erceg on 2021-03-16
[$5000][1192054] High CVE-2021-21203: Use after free in Blink. Reported by asnine on 2021-03-24
[$1000][1189926] High CVE-2021-21204: Use after free in Blink. Reported by Chelse Tsai-Simek, Jeanette Ulloa, and Emily Voigtlander of Seesaw on 2021-03-19
[$TBD][1165654] High CVE-2021-21205: Insufficient policy enforcement in navigation. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2021-01-12
[$TBD][1195333] High CVE-2021-21221: Insufficient validation of untrusted input in Mojo. Reported by Guang Gong of Alpha Lab, Qihoo 360 on 2021-04-02
[$5000][1185732] Medium CVE-2021-21207: Use after free in IndexedDB. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2021-03-08
[$3000][1039539] Medium CVE-2021-21208: Insufficient data validation in QR scanner. Reported by Ahmed Elsobky (@0xsobky) on 2020-01-07
[$3000][1143526] Medium CVE-2021-21209: Inappropriate implementation in storage. Reported by Tom Van Goethem (@tomvangoethem) on 2020-10-29
[$3000][1184562] Medium CVE-2021-21210: Inappropriate implementation in Network. Reported by @bananabr on 2021-03-04
[$2000][1103119] Medium CVE-2021-21211: Inappropriate implementation in Navigation. Reported by Akash Labade (m0ns7er) on 2020-07-08
[$500][1145024] Medium CVE-2021-21212: Incorrect security UI in Network Config UI. Reported by Hugo Hue and Sze Yiu Chau of the Chinese University of Hong Kong on 2020-11-03
[$N/A][1161806] Medium CVE-2021-21213: Use after free in WebMIDI. Reported by raven (@raid_akame) on 2020-12-25
[$TBD][1170148] Medium CVE-2021-21214: Use after free in Network API. Reported by Anonymous on 2021-01-24
[$TBD][1172533] Medium CVE-2021-21215: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-01-30
[$TBD][1173297] Medium CVE-2021-21216: Inappropriate implementation in Autofill. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-02
[$500][1166462] Low CVE-2021-21217: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-14
[$500][1166478] Low CVE-2021-21218: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-14
[$500][1166972] Low CVE-2021-21219: Uninitialized Use in PDFium. Reported by Zhou Aiting (@zhouat1) of Qihoo 360 Vulcan Team on 2021-01-15
[1198709] Various fixes from internal audits, fuzzing and other initiatives

下载地址

离线安装包“无更新组件”版提取原生绿色版方法:
鼠标右键解压离线安装包,此时会解压出来一个chrome.7z
再对chrome.7z解压就是原生绿色版啦!
离线安装包“无更新组件”版不含在线更新升级功能,所以不会添加更新计划任务,也没有后台更新进程,更干净。

Google Chrome v90.0.4430.72 官方正式版 离线安装包(无更新组件)64位
https://dl.google.com/release2/chrome/VYWR7z03VITSenbdO3GEAQ_90.0.4430.72/90.0.4430.72_chrome_installer.exe
https://www.google.com/dl/release2/chrome/VYWR7z03VITSenbdO3GEAQ_90.0.4430.72/90.0.4430.72_chrome_installer.exe
https://redirector.gvt1.com/edgedl/release2/chrome/VYWR7z03VITSenbdO3GEAQ_90.0.4430.72/90.0.4430.72_chrome_installer.exe

Google Chrome v90.0.4430.72 官方正式版 离线安装包(无更新组件)32位
https://dl.google.com/release2/chrome/QXfLrKD3khekJ96AJ562-g_90.0.4430.72/90.0.4430.72_chrome_installer.exe
https://www.google.com/dl/release2/chrome/QXfLrKD3khekJ96AJ562-g_90.0.4430.72/90.0.4430.72_chrome_installer.exe
https://redirector.gvt1.com/edgedl/release2/chrome/QXfLrKD3khekJ96AJ562-g_90.0.4430.72/90.0.4430.72_chrome_installer.exe

Google Chrome v90.0.4430.72 官方正式版 离线安装包(含更新组件)64位
https://dl.google.com/edgedl/chrome/install/GoogleChromeStandaloneEnterprise64.msi

Google Chrome v90.0.4430.72 官方正式版 离线安装包(含更新组件)32位
https://dl.google.com/edgedl/chrome/install/GoogleChromeStandaloneEnterprise.msi

Google Chrome 官方正式版 离线安装包(含更新组件)新版及历史版本
https://www.lanzous.com/b138066
https://pan.baidu.com/s/1Q5FptUnS0BjGMk5erwOhyw 提取码:36oz

声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。