The latest version of Google Chrome includes sixty-two security fixes, and a limited trial of a new feature called Site Isolation that should help to reduce the risk from Spectre-related vulnerabilities.
The change log for Chrome 66.0.3359.117 is another whopper, listing over ten thousand changes in total.
Check your version of Chrome by clicking the three-vertical-dots menu button at the top right, and selecting
About Google Chrome. Doing that will usually trigger an update if one is pending.
Microsoft’s contribution to our monthly headache starts with a post on the TechNet MSRC blog: April 2018 security update release. This brief page consists of the same boilerplate we get every month, and provides no details at all. We’re informed that “information about this month’s security updates can be found in the Security Update Guide” but there isn’t even a link to the SUG.
Analysis of the SUG for this month’s Microsoft updates shows that there are sixty updates, addressing sixty-eight vulnerabilities in Flash, Excel, Word, and other Office components, Internet Explorer, Edge, Windows, and Defender. Twenty-three of the vulnerabilities are flagged as Critical.
If your Windows computer is not configured for automatic updates, you’ll need to use Windows Update in the Control Panel to install them.
Adobe’s offering for this month’s patching fun is a new version of Flash Player: 220.127.116.11 (APSB18-08). Six security vulnerabilities — three flagged as Critical — are fixed in the new version.
If you’re using a web browser with Flash enabled, you should install Flash 18.104.22.168 as soon as possible. The embedded Flash used in Internet Explorer 11 and Edge on newer versions of Windows will get the new version via Windows Update. Chrome’s embedded Flash will be updated via Chrome’s automatic update system. To update the desktop version of Flash, visit the About Flash page.
A single security issue prompted the release of Chrome 65.0.3325.181 earlier this week.
Since this is a security update, it’s a good idea to check what version of Chrome you’re running, and update it if necessary.
Chrome usually updates itself automatically, but you can encourage it to update by selecting
About Google Chrome from its menu ( at the top right).
Chrome 65 features forty-five security fixes, and includes over ten thousand changes in total, none of which seem worth highlighting.
Chrome will update itself automatically on most platforms, but you can usually encourage it to update by selecting
About Google Chrome from its menu (hidden behind that weird three-dot button at the top right).
A single security bug was fixed in Chrome 64.0.3282.167, released by Google on February 13.
The new version will find its way to your desktop automatically, unless you’re diligent about killing Google’s pesky auto-update processes. If that describes you, or you just don’t want to wait, you can usually encourage Chrome to update itself by navigating to >
About Google Chrome.
There’s additional information in the full change log for Chrome 64.0.3282.167.
There are about twenty changes in Chrome 64.0.3282.140. One of the changes is a fix for a security issue, and the rest are minor tweaks and other bug fixes.
As usual, the release announcement says that the new version “will roll out over the coming days/weeks”. Since this release includes a security fix, it’s a good idea to check what version you’re running by navigating to the About Chrome page ( >
About Google Chrome).
The latest version of Chrome is 64.0.3282.119. The new version, released earlier this week, fixes fifty-three security issues, and includes additional mitigations for the Spectre/Meltdown vulnerabilities.
The full change log lists ten thousand changes in the new version. There might be some interesting stuff in there, but I’m going to assume that if there was anything worth pointing out, Google would have done that in the release announcement.
Two security vulnerabilities, one of which has a High risk rating, are addressed in Chrome 63.0.3239.108. The log lists a few additional changes, none of which are particularly interesting.
There’s no easy way to disable automatic updates in Chrome. Generally, if there’s an update available, it will find its way to your computer within a few days via Google’s Update Service.
You can usually trigger an update by navigating to the About Chrome page ( >
About Google Chrome).
Adobe released a new version of Flash to coincide with yesterday’s Microsoft updates. Flash 22.214.171.124 fixes a few minor issues and one security vulnerability.
As usual, Chrome will update itself with the latest Flash, and Microsoft browsers will receive updates via Windows Update.
If you still use Flash, and in particular if you use a web browser that is configured to play Flash content, you should install the new version as soon as possible. Better still, stop using Flash altogether. Flash is being phased out in some browsers, including Firefox. Many web sites that formerly used Flash have switched to HTML5.
The change log for Chrome 63.0.3239.84 has ten thousand entries. I’d like to read it, and I might even find something interesting buried there, but instead I’ll assume Google would point out any notable changes in the release notes.
Alas, while the release notes do point out that the new Chrome includes fixes for thirty-seven security vulnerabilities, none of the other changes are discussed. In a way I suppose that’s a good thing: as long as Google isn’t making large changes or adding new features, while they continue to fix vulnerabilities and other bugs, the outcome is almost always going to be a better browser.
Chrome typically updates itself within a few hours or days of a new release, although in the release notes, Google says “This will roll out over the coming days/weeks.” Given the number of security fixes in this version, it’s a good idea to check the version you’re running, and hopefully trigger an update, by clicking Chrome’s menu button (three vertical dots at the top right), then choosing
About Google Chrome.