Google has released a new version of its web browser, Chrome 113, with numerous fixes for security-related errors. The update seals 15 vulnerabilities, ten of which were reported by external IT security researchers. Of these, seven were classified as medium and three as low risk. Google has provided limited information on the them, although the most serious vulnerability was linked to an “inappropriate implementation in the prompts component” (CVE-2023-2459), which would allow attackers from the network to bypass access restrictions.
The update also upgrades Chrome for Android to version 13.0.5672.76/.77, 113.0.5672.69 for iOS, 113.0.5672.63 for Linux and Mac, and 113.0.5672.63/.64 for Windows. The extended stable version has also been upgraded to version 112.0.5615.179 for Mac and Windows.
From Chrome 117, which is due to be released in September, the programmers plan to replace the lock icon in the address bar with a settings icon. The current icon indicates an encrypted connection to the server, but only 11% of a recent study’s participants correctly understood its meaning. The new icon will feature sliders, indicating that clicking on it will reveal further information such as cookies and certificates.
The version dialog can be used to check whether the latest version is already installed and active. This can be accessed by clicking on the Chrome menu and selecting “About Google Chrome”. Linux distributions may differ in terms of software management for updates, but should be prompted to download and install them automatically. Other web browsers such as Microsoft Edge, based on the Chromium project, are likely to follow suit with updates to patch the same vulnerabilities.
