Chrome 70 Updates Sign-In Options, Patches 23 Flaws


Google on Tuesday released Chrome 70 in the stable channel, with patches for nearly two dozen vulnerabilities, as well as with updated sign-in options.

Available for Windows, Mac and Linux as version 70.0.3538.67, the new Chrome iteration arrives with patches for 23 vulnerabilities, 18 of which were discovered by external researchers. These include 6 flaws rated high severity, 8 medium risk, and 4 low severity issues.

The addressed flaws include sandbox escape, remote code execution, heap buffer overflow, URL spoofing, use after free, memory corruption, cross-origin URL disclosure, security UI occlusion in full screen mode, iframe sandbox escape on iOS, and lack of limits on update() in ServiceWorker.