New version of Chrome is live on all desktop platforms

Nov 18, 2020 16:24 GMT  ·  By

Google Chrome remains the world’s number one browser, both on the desktop and on mobile, and the parent company keeps rolling out more and more major updates that further refine the experience with the app.

Today, Google published Chrome 87, a new important release that adds both new features and security improvements on the desktop, including on Windows, Linux, and macOS.

The first big change in Chrome 87 is the addition of tab search, a feature that entered the testing stage earlier this year and which is now live for everybody on the desktop. It’s easy to see why a tab search option comes in so handy. With the number of active tabs always increasing in a browsing session for the majority of users, finding a specific page is much harder, and nobody wants to manually jump from one tab to another for the whole thing.

The tab search thus makes it easier to find a specific page in tens of active tabs, and the feature also supports multiple Chrome windows.

Chrome 87 also makes the debut of Chrome Actions, a feature that makes it much faster to conduct a series of tasks right from the address bar.

Basically, the Omnibox is getting smarter with today’s update, and in addition to allowing users to load a page or search the web, it now lets them conduct quick actions too. For example, you can easily update chrome by simply typing “update browser” in the address bar.

Additionally, you can remove the history by typing “delete history” and open an incognito browser with the “launch incognito mode” command. Everything has been designed to be very straightforward, so the address bar is more or less becoming a command line utility that power users are going to love.

There are also major security improvements in this release, and one of them is a block of HTTP ports 5060 and 5061. This is a mitigation for the Slipstream attack, and Google explains that any connections that used these ports would have to be reconfigured to be rerouted to other ports.

“The Slipstream attack is a kind of cross-protocol request forgery which permits malicious internet servers to attack computers on a private network behind a NAT device. The attack depends on being able to send traffic on port 5060 (SIP). As a mitigation to protect users, this change will prevent connections on port 5060. To be on the safe side, and to align with other browsers, it also blocks port 5061 (SIP over TLS),” Google explains.

“HTTP servers using port 5060 or port 5061 will be inaccessible. They will have to be modified to run on different ports, and all referring urls updated. Legitimate use of these ports for HTTP servers is believed to be rare. Many existing ports are blocked as mitigations for security issues, so this is not a novel approach.”

Google Chrome 87 also introduces a new flag to protect devices in a network. Google explains:

“We'll begin requiring servers on a user's machine (127.0.0.1) or intranet (as defined by RFC1918) to explicitly opt-in to connections originating from the public internet. Hopefully, this will mitigate the risks associated with unintentional exposure of devices and servers on a client’s internal network to the web at large.”

Today’s update is already available on all supported platforms, and if you’re running Chrome, you can get the new version using the built-in update mechanism. The rest of Chromium browsers out there are also expected to receive similar feature updates in the coming releases.