Chrome 84 blocks unwanted notification pop-ups

The new version also blocks certain downloads from unsafe websites. Chrome now automatically reads one-time codes from text messages on mobile devices. Google also closes a critical security hole.

Google has the final version of Chrome 84 released for download. The new release is now supposed to better protect users from unwanted notification pop-ups. The developers also give the browser a new animation engine. In addition, SMS passcodes can now be automatically inserted into web forms.

Chrome is now actively targeting websites that use the browser’s spam notification feature. Chrome 84 automatically blocks pop-ups from popular spam websites. Suppressed pop-ups are shown in the address bar with a crossed out notification icon.

Chrome 84 discontinues support for TLS 1.0 and 1.1 (Image: ZDNet.com)After an update, users also have to do without support for TLS 1.0 and TLS 1.1. However, both versions of the encryption protocol are now classified as insecure. Chrome doesn’t show websites that use HTTPS connections. Instead, an error message appears that indicates the outdated version.

Google also wants to improve the security of its users by preventing Chrome from downloading files over HTTP connections when the website offering the download is connected via HTTPS. The warning about the so-called mixed content initially only applies to executable files. With the upcoming releases, the list of file types that are blocked by HTTP is to be expanded.

Further innovations concern programming interfaces (API) in particular. So Chrome now supports that from Apple developed Web OTP API. This enables a browser on a mobile device to read a passcode received by SMS, for example for two-factor authentication, directly from the SMS message and insert it into a web form.

The Web Animations API is a collection of new JavaScript functions. This gives developers more control over animation sequences that are executed in the browser. The Screen Wake Lock API allows the browser to prevent a mobile device from reducing the backlight or even locking the screen while the browser is in use. However, this is still an experimental function, and its whereabouts in Chrome have not yet been decided.

Chrome 84 also includes fixes for 38 vulnerabilities, one of which is even classified as critical. A heap buffer overflow can be used to inject malicious code and even execute it outside of the sandbox – such a sandbox escape is a bug that is rarely found in Chrome.


Leave a Reply

Your email address will not be published. Required fields are marked *