14 DAY TRIAL // A new build of the next version of Google’s open source browser is now available for download for early adopters. The release is mainly focused on fixing issues that survived past the previous build, v 5.0.360.4, offered at the end of the past month. At the same time, Anthony Laforge, from the Google Chrome team, indicates that Chrome 5.0.366.2 brings to the table an important change related to WebGL. Essentially, Google has tweaked its open source browser in order to improve the security by making WebGL run sandboxed.
From the earliest versions of Google Chrome, the browser came with a sandbox designed to mitigate exploits using HTML Rendering and JavaScript execution as attack vectors. The sandbox is a security mechanism in no way limited to Chrome, based on the concept of limiting applications, and especially potentially malicious input data from apps, to running in a restricted environment.
The sandbox is an extra security layer designed to create a gap between the browser and the underlying platform, and to lock a potential attacker out of the system even if an exploit bypasses all other browser security measures.
“WebGL support in Chrome now runs inside the security sandbox. If you have been testing WebGL, please remove the --no-sandbox flag from your Chrome options. WebGL may be enabled via the --enable-webgl command line option,” Laforge advised testers.
In addition, Google Chrome 5.0.366.2 introduces a range of fixes, not just for Windows, but also for Mac OS X and Linux. As far as Windows is concerned, Laforge enumerated the following fixes: “Fixed a bug with incognito extensions like RSS Subscription. Will no longer automatically offer to translate in incognito mode. Fix file upload code to not hang the HTTP session when the file is unreadable.”
The latest version of Google Chrome 5.0 is available for download here.