Adobe’s software updates for April include Flash 184.108.40.206, which fixes seven security issues in previous versions. If Flash is enabled in your web browser, you should visit the official Flash About page to check its version and update if it’s not current.
As usual, Chrome will update itself with the latest Flash, and Internet Explorer and Edge get their new Flash via Windows Update.
A single security fix is the only change mentioned in the release announcement for the latest version of Chrome.
The change log contains forty-one changes, of which about twenty-five are minor bug fixes.
Chrome is pretty good about updating itself, but since this version includes a security fix, you should probably make sure by checking: three-dot-menu >
About Google Chrome. This will usually trigger an update if one is required.
Google’s efforts to make the web a safer place include the recent addition of a
Not Secure indicator in Chrome’s address bar for sites that are not using HTTPS encryption.
Up to this point, that indicator only appears when a web page includes boxes for entering passwords or credit card information. In the near future, Chrome will expand the conditions in which sites are flagged as
Not Secure. In October, Chrome 62 will start flagging as
Not Secure any unencrypted web page that includes any data entry boxes, and all unencrypted pages accessed while Chrome is in Incognito mode. Eventually, Chrome will flag all unencrypted pages as
If you use Chrome, you’ve probably noticed that it also flags encrypted sites as
Secure. This is misleading, since all it means is that the site is using HTTPS encryption. It doesn’t imply that the site is safe to use, only that it is using an encrypted connection. A site flagged as
Secure can still be dangerous to visit, for example if it contains malware. Wordfence’s Mark Maunder recently wrote about the danger of assuming Chrome’s
Secure flag means ‘safe’.
The change log for Chrome 58.0.3029.81 is ten thousand items long, so you might want to think twice before clicking that link. It’s probably safe to say that there are no new features or major changes in the new version, since nothing of the kind is mentioned in the release announcement. This is an important update, though. That’s because it includes fixes for twenty-nine security flaws.
Chrome seems to update itself on most computers within a day or so of a new release, but you can usually trigger an update by opening the browser’s menu (the three-vertical-dots icon at the top right) and navigating to
About Google Chrome.
Five security issues and a few dozen other bugs are addressed in Chrome’s latest release, version 57.0.2987.133. See the full change log for details. Chrome usually does a good job of updating itself, but you can prod it by clicking the ‘three dot’ menu icon and navigating to
About Google Chrome.
About twenty bug fixes and minor changes made it into the latest version of Chrome, 57.0.2987.110. None of the changes seem to be related to security. The announcement doesn’t mention anything about what changed, but the full change log — refreshingly small this time — lists all the changes in detail.
The latest version of Chrome includes fixes for thirty-six security vulnerabilities.
There are numerous other changes in Chrome 57.0.2987.98. Google didn’t see fit to highlight any of them in the release announcement, so you’ll have to read the browser-annihilating change log to see if any of the changes are of interest. I’m not planning to do that myself, as it’s likely to take several hours, and unlikely to be particularly rewarding.
Chrome updates itself on its own mysterious schedule, but you can usually trigger an update by going to its ‘About’ page. Because this version includes security updates, you should try to update Chrome as soon as possible.
Update 2017Mar16: Ars Technica points out that Chrome 57 includes power saving features that should extend battery life for Chrome users on laptops.
A new version of Flash, released yesterday, addresses at least thirteen vulnerabilities in previous versions.
According to the security bulletin for Flash 220.127.116.11, the new version fixes “critical vulnerabilities that could potentially allow an attacker to take control of the affected system.”
The release notes for Flash 18.104.22.168 describe some new features that are likely only of interest to developers.
As usual, Internet Explorer and Edge will get new versions of their embedded Flash via Windows Update, while Chrome’s embedded Flash will be updated automatically.
Anyone who still uses a web browser with Flash enabled should update it as soon as possible.