Chrome Releases: Stable Channel Update for Desktop

Stable Channel Update for Desktop

Wednesday, August 31, 2016

The Chrome team is delighted to announce the promotion of Chrome 53 to the stable channel - 53.0.2785.89 for Windows, Mac and 53.0.2785.92 for Linux. This will roll out over the coming days/weeks (Note: MSI still points to M52 and will be updated later).
Chrome 53.0.2785.89 and 53.0.2785.92 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 53.

Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 33 security fixes Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information

[$7500][628942] High CVE-2016-5147: Universal XSS in Blink. Credit to anonymous

[$7500][621362] High CVE-2016-5148: Universal XSS in Blink. Credit to anonymous

[$7500][573131] High CVE-2016-5149: Script injection in extensions. Credit to Max Justicz (http://web.mit.edu/maxj/www/)

[$5000][637963] High CVE-2016-5150: Use after free in Blink. Credit to anonymous

[$5000][634716] High CVE-2016-5151: Use after free in PDFium. Credit to anonymous

[$5000][629919] High CVE-2016-5152: Heap overflow in PDFium. Credit to GiWan Go of Stealien

[$3500][631052] High CVE-2016-5153: Use after destruction in Blink. Credit to Atte Kettunen of OUSPG

[$3000][633002] High CVE-2016-5154: Heap overflow in PDFium. Credit to anonymous

[$3000][630662] High CVE-2016-5155: Address bar spoofing. Credit to anonymous

[$3000][625404] High CVE-2016-5156: Use after free in event bindings. Credit to jinmo123

[$3000][632622] High CVE-2016-5157: Heap overflow in PDFium. Credit to anonymous

[$3500][628890] High CVE-2016-5158: Heap overflow in PDFium. Credit to GiWan Go of Stealien

[$3500][628304] High CVE-2016-5159: Heap overflow in PDFium. Credit to GiWan Go of Stealien

[$n/a][622420] Medium CVE-2016-5161: Type confusion in Blink. Credit to 62600BCA031B9EB5CB4A74ADDDD6771E working with Trend Micro's Zero Day Initiative

[$n/a][589237] Medium CVE-2016-5162: Extensions web accessible resources bypass. Credit to Nicolas Golubovic

[$3000][609680] Medium CVE-2016-5163: Address bar spoofing. Credit to Rafay Baloch PTCL Etisalat (http://rafayhackingarticles.net)

[$2000][637594] Medium CVE-2016-5164: Universal XSS using DevTools. Credit to anonymous

[$1000][618037] Medium CVE-2016-5165: Script injection in DevTools. Credit to Gregory Panakkal

[$1000][616429] Medium CVE-2016-5166: SMB Relay Attack via Save Page As. Credit to Gregory Panakkal

[$500][576867] Low CVE-2016-5160: Extensions web accessible resources bypass. Credit to @l33terally, FogMarks.com (@FogMarks)

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

[642598] CVE-2016-5167: Various fixes from internal audits, fuzzing and other initiatives.

Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Krishna GovindGoogle Chrome

53 comments :

Zhangir Duiseke said...: Oh really, Material Design! Thank you very fucking much! I was waiting for it for three fucking months, Google morons. And one more thing, only IDiots use Macs nowadays.; 1:26 PM, August 31, 2016
SiY11 said...: What are you talking about?; 3:28 PM, August 31, 2016
Alen said...: Material Design looks pretty clean!; 3:46 PM, August 31, 2016
Diego Ignacio Vargas Nahuelpani said...: Al fin llegó Material Design :); 5:59 PM, August 31, 2016
ljkfsdaDSAFDA234dfsafa said...: What's the new features inside this release?; 6:14 PM, August 31, 2016
Roman Valenta said...: Material Design without new bookmark folder icons, oh well - who would have though the monstrous yellow folders shall persevere :-D Maybe next time...; 10:29 PM, August 31, 2016
Yumeng Yin said...: I'm checking the Chrome for Work page but seems the enterprise installers are not updated yet.
May I know when will the msi installer be updated?; 11:15 PM, August 31, 2016
Timo Pietilä said...: Enterprise page says correct new version, but downloads old. Please update your download links.; 11:42 PM, August 31, 2016
A7med said...: Not really a fan of the material design the extension icons become smaller if u have a big screen will struggle with them

the real question about this update is where the bookmarks folder icons
How hard is it to give us the option to change the bookmark folder icons?; 4:25 AM, September 01, 2016
Mike said...: The text in the address bar is a smaller font now. It was bigger before my update. I like it the bigger size.; 4:36 AM, September 01, 2016
Matt said...: Can we get the update posted here:

http://www.google.com/intl/en/chrome/business/browser/admin/

Still has 52.0.2743.116.; 6:49 AM, September 01, 2016
ned said...: This comment has been removed by the author.; 7:37 AM, September 01, 2016
ned said...: ditto on https://www.google.com/work/chrome/chrome-browser/ listing the new version number but delivering 52.0.2743.116.; 7:39 AM, September 01, 2016
Marco Parrilla said...: I see a bar blue under address bar in each tab; 10:04 AM, September 01, 2016
Unknown said...: I would suggest bringing back larger font and icons to the address bar. Readability is not as good as with previous chrome version....; 10:19 AM, September 01, 2016
Boris Gjenero said...: When will you fix JavaScript? https://bugs.chromium.org/p/chromium/issues/detail?id=621926 has been fixed but the fix is only in dev channel so far.; 10:39 AM, September 01, 2016
gabester said...: Please post updated enterprise installers... just downloaded 52 again for 2nd time today!; 2:03 PM, September 01, 2016
edwardr74 said...: So this is weird. I have to actually install the Chromecast extension for it to work. I thought it was built in to Chrome now.; 8:41 PM, September 01, 2016
shayne said...: Where did the chrome cast option go under the three dot things now ? I cant find it anywhere; 10:49 PM, September 01, 2016
alkoro said...: What happened with Enterprise MSI? Still downloading old 52 release instead 53 listed.; 2:48 AM, September 02, 2016
Nathan Davis said...: Still getting v52 when I download the Enterprise version. Please fix; 7:31 AM, September 02, 2016
Unknown said...: SCROLL PAGE PROBLEM AFTER 53.0.2785.89 UPDATE ON LENOVO YOGA 2 PRO
THE PROBLEM SCROLL FROM SCREEN TOUCHSCREEN NOT FROM KEYBOARD; 8:21 AM, September 02, 2016
HadynDarylMaralyn said...: LOTS OF ISSUES.; 8:25 AM, September 02, 2016
Pat Samsungtel said...: need the msi installer for chrome for work to update our systems...; 9:21 AM, September 02, 2016
Adam Drake said...: Same issue as everyone else. Need that msi...; 9:56 AM, September 02, 2016
Jonathan said...: Guys don't release a blog post nor update the dowmload page untill the actual MSI is uploaded to your server...it makes you look like a bunch of amateurs.; 1:48 PM, September 02, 2016
PremKumar said...: enterprise installers are not updated still downloaded still old version 52; 10:53 AM, September 03, 2016
Pat Samsungtel said...: I think the one at google who compiles the MSI is currently on vacation. Enterprise customers must wait with rollouts or deploy version 52 and let the google updater task do the rest.

Not good.

I would rather like the larger font for the url text in address bar like before and a setting to turn off those mouse animations on clicking on bookmarks.
I know that material design can be turned off but like the rest of the design.; 2:35 AM, September 04, 2016
Ken Schoenberg said...: Please allow users to enlarge the system fonts and extension icons. They're too small for some of us to read now!; 1:41 PM, September 04, 2016
Digvijay Jani said...: The folder icons are back to non-material.; 5:25 PM, September 04, 2016
Ken Schoenberg said...: The folders being too small is "material" to many.; 6:50 PM, September 04, 2016
Timo Pietilä said...: six days now, and still old msi at chrome for work. This is embarrassment for Google. Please update ASAP.; 10:29 PM, September 04, 2016
Unknown said...: Please release the MSI of 53.0.2785.89, on the download pages https://www.google.nl/chrome/business/browser/admin/ and https://www.google.com/work/chrome/chrome-browser/ still get the old version!; 12:13 AM, September 05, 2016
Abdelali Driouch said...: This comment has been removed by the author.; 7:18 AM, September 05, 2016
Čačaný Okamihu said...: what use does it have when i cannot read it because the UI font is so small?

should i buy binoculars? should i ask somebody from chrome team if he can see it ok and hear "yeah, it's totally ok for my eyes"?

i want to hear it, i want to hear 1 size fits everybody!; 8:04 AM, September 05, 2016
Márcio Schneider said...: Hi folks, please update the MSI! I'm trying to update 23k computers here at work but the MSI download still points to 52.X.; 11:31 AM, September 05, 2016
Wang Hsiu-huei said...: Hi,please update the MSI on download page. I try download msi today ,but still old version 52.; 6:59 PM, September 05, 2016
bjohn said...: It's nice that there is a blog post about a new version. It's not nice that the moron that posted the blog doesn't read the comments.

Update the .msi version!; 8:22 PM, September 05, 2016
Unknown said...: On September 5 I first noticed a problem when uploading a video to YouTube using Chrome browser on MacBook with Mavericks 10.9.5. Uploading virtually crippled any other Internet usage with other browsers or Chrome itself, and also affected my Apple Mail somewhat. Pages took forever to load if they even could connect it all. My Internet speed is fine. And I do not have this problem when uploading through another browser. This seems to coincide with this release, although I don't know exactly when my Chrome browser was updated, as it happened automatically.; 12:52 AM, September 06, 2016
Olie Wilton said...: STILL version 52 on the 32bit MSI download! :(; 2:07 AM, September 06, 2016
Marc said...: Oh for christssake!!!!

Bring back my material design folders !!!!!

Luckily I updates this fast ring windows lappy, not taking the update on my other machines yet.; 8:08 AM, September 06, 2016
Anonymous said...: The tabs are too dark in Incognito mode. I can't read tab headings. Many times already, I have closed the wrong tabs. I switched my theme to Marble and now I can see the tab headings clearly.; 5:27 PM, September 06, 2016
Peter Bas said...: trying to download version 53.0.2785.89 from https://www.google.be/work/chrome/chrome-browser/
but still version 52.0.2743.82 was given.
When will this be resolved?; 12:55 AM, September 07, 2016
Jan Dvorský said...: Hi,

info from Google support:
"it would be most grateful if you could kindly wait for the time being until any update is announced on upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 53"

So, we have to wait until next stable release. Very weird...; 1:30 AM, September 07, 2016
Mohit Sareen said...: When we will have msi available to download?; 1:49 AM, September 07, 2016
Del Mears said...: maybe spend less time trying to rig search results for hillary clinton and more time getting the damn .msi file updated morons; 8:04 AM, September 07, 2016
Unknown said...: ...and here we are, a week later w/ no updated MSI installer... smh.; 8:09 AM, September 07, 2016
Iamuser said...: .
Roman Valenta...Wished I knew about no BKM icons B/4 updating to 53.

Other surprise was copy & paste didn't work till did work till after full reboot. Win7Pro.; 8:51 AM, September 07, 2016
KenFX Studios said...: The active tab color in Incognito Mode is too similar to the other tabs. It's really hard to know which tab is the active tab.; 9:30 AM, September 07, 2016
JerryZ said...: @Zhangir Duiseke, the real idiots/morons are those like you that make meaningless, cryptic, maybe preposterous comments. Really, what are you talking about?; 11:08 AM, September 07, 2016
Flying Tatti said...: Since Chrome 52 (and also in v53) I have been experiencing horizontal tearing/thin lines across the screen when viewing a video in fullscreen mode on websites such as youtube, vimeo, dailymotion etc

This also occurs in the latest iteration of Opera web browser for windows which, is also chromium based.

This does not occur in Microsoft Edge or Firefox.

Im running an AMD A10-8700p Win10x64 machine with all latest drivers and win updates installed.; 11:43 AM, September 07, 2016
Michael Lich said...: @All: MSI files are now available.
I hope this was an one- time flaw.

@JerryZ: If you don't know what an MSI file is you were not the intended audience for Zhangir's post.; 1:17 AM, September 08, 2016
Roedy said...: The new SSL certificate for this page does not have
https://googlechromereleases.blogspot.ca
listed on the Alternative domains. I can no longer access it with Java.; 7:59 PM, September 10, 2016

Chrome Releases

Stable Channel Update for Desktop

53 comments :

Labels

Archive

Feed

Company-wide

Products

Developers