Google has released Chrome 83 today, May 19th, 2020, to the Stable desktop channel, and it includes massive security and privacy enhancments as well as some long awaited features.
In this massive release, users are getting a redesigned Privacy and security settings section, better control over cookies, a new Safety Check feature, improved DoH settings, new Enhanced Safe Browsing feature. Tab Groups, and more.
With Chrome 83 now being promoted to the Stable channel, Chrome 84 will soon be promoted to the Beta version, and Chrome 85 will be the Canary version.
As you may have realized, Google did not release Chrome 82, and instead decided to skip that version due to the pandemic and roll all of its changes into Chrome 83.
Windows, Mac, and Linux desktop users can upgrade to Chrome 83 by going to Settings -> Help -> About Google Chrome. The browser will then automatically check for the new update and install it when available.
Massive security overhaul for Chrome users
While Google fixes security vulnerabilities in every release of the Chrome browser, most of these security improvements are made behind the scenes.
With this release, Google Chrome 83 has completely overhauled the user-facing security protections with numerous improvements that aim to help users secure their data, stay safe online, and increase their privacy.
It is important to note that most of the improved security features will be rolling out to users over the next couple of weeks.
If you do not see them immediately, be patient as they will be eventually enabled in your browser.
Easier security and privacy controls
All of the privacy and cookie settings have been reorganized to make it easier to find and configure the browser for enhanced privacy.
The sync controls are now renamed to “You and Google” and allow you to specify what data you share with Google to store in your Google account and what data is synchronized between devices.
To make it easier to clear your browsing history, Google has also moved the ‘Clear browsing data’ option to the top of the ‘Privacy and security’ settings section to make it more accessible.
The biggest change, though, is a completely redesigned cookie management interface that gives easier control over what cookies you will allow.
Finally, Google will block third-party cookies by default in Incognito mode.
“While we continue to work on our long-term effort to make the web more private and secure with Privacy Sandbox, we want to strengthen the Incognito protections in the meantime. In addition to deleting cookies every time you close the browser window in Incognito, we will also start blocking third-party cookies by default within each Incognito session and include a prominent control on the New Tab Page. You can allow third-party cookies for specific sites by clicking the “eye” icon in the address bar,” Google announced.
New Safety check feature in Chrome
Google has added a new ‘Safety check’ feature that will perform a checkup of the browser and your saved data to make sure it is secure and has not been compromised.
As part of this Safety check, Google Chrome will check if any of your saved credentials were compromised in a data breach, if you’re using the latest version of the browser, if Safe Browsing is enabled, and if you have any malicious extensions installed.
Secure DNS: Redesigned DNS-over-HTTPS (DoH) settings
Chrome has redesigned its DNS-Over-HTTPS settings in a new dedicated ‘secure DNS’ section under Privacy and security > More.
Using this new interface, a user can enable DoH and use it with their existing DNS provider, if available, or select one that is preconfigured in Google Chrome.
You can then choose from Custom providers or preconfigured Google (Public DNS), Cloudflare (22.214.171.124), CleanBrowsing (Family Filter), or Quad9 (126.96.36.199) DoH providers.
Enhanced Safe Browsing Protection released
The final security feature in Chrome 83 is the introduction of a new opt-in ‘Enhanced safe Browsing Protection’ mode.
When enabled, Google will perform real-time checks of URLs that you visit to check for known threats.
As Safe Browsing normally checks against a local database of malicious URLs and files, by using a real-time check, you gain better protection from the latest known malicious web sites and malicious software.
“If you turn on Enhanced Safe Browsing, Chrome proactively checks whether pages and downloads are dangerous by sending information about them to Google Safe Browsing. If you’re signed in to Chrome, then Chrome and other Google apps you use (Gmail, Drive, etc.) will further protect you based on a holistic view of threats you encounter on the web and attacks against your Google Account. Over the next year, we’ll be adding even more protections to this mode including tailored warnings for phishing sites and file downloads, and cross-product alerts,” Google stated in their blog post.
Always show full urls option
In Chrome 79, Google removed what they call trivial subdomains or special-case subdomains from the URLs displayed in Chrome’s address bar.
Many, though, prefer to see a full URL of a web page they are visiting in the address bar.
With the release of Chrome 83, users can now enable a ‘Context menu show full URLs’ flag that lets you enable the showing of full URLs when browsing the web.
To enable this feature, go to chrome://flags/#omnibox-context-menu-show-full-urls and enable the feature. Once enabled, and the browser is restarted, you can right-click on the address bar and a new option can be checked titled ‘Always show full URLS’.
Tab groups have arrived
Google has been testing a new feature called ‘Tab Groups’ that allows you to add various tabs to a named group so that they are better organized.
These groups can then be moved around as one item or sent to another window.
This feature is now live in Google Chrome 83.
New browser extensions menu
To add more real estate to the Chrome toolbar, Google has moved the extensions into a new drop-down menu accessed through a new jigsaw puzzle icon.
When you click on this puzzle icon, a menu will drop down listing all of your extensions and allows you to manage them.
Each extension will then have a dedicated submenu where you can remove it, configure its options, or pin it to the toolbar.
As you can see, this is a huge Google Chrome update that adds numerous features to make the web browser experience more secure.
As many of these features are still rolling out, please do not be concerned if you do not see them immediately.
38 security vulnerabilities fixed
The Chrome 83 release fixes 38 security vulnerabilities, with the following discovered by external researchers:
|CVE-2020-6465||Use after free in reader mode.||High|
|CVE-2020-6466||Use after free in media.||High|
|CVE-2020-6467||Use after free in WebRTC.||High|
|CVE-2020-6468||Type Confusion in V8.||High|
|CVE-2020-6469||Insufficient policy enforcement in developer tools.||High|
|CVE-2020-6470||Insufficient validation of untrusted input in clipboard.||Medium|
|CVE-2020-6471||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6472||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6473||Insufficient policy enforcement in Blink.||Medium|
|CVE-2020-6474||Use after free in Blink.||Medium|
|CVE-2020-6475||Incorrect security UI in full screen.||Medium|
|CVE-2020-6476||Insufficient policy enforcement in tab strip.||Medium|
|CVE-2020-6477||Inappropriate implementation in installer.||Medium|
|CVE-2020-6478||Inappropriate implementation in full screen.||Medium|
|CVE-2020-6479||Inappropriate implementation in sharing.||Medium|
|CVE-2020-6480||Insufficient policy enforcement in enterprise.||Medium|
|CVE-2020-6481||Insufficient policy enforcement in URL formatting.||Medium|
|CVE-2020-6482||Insufficient policy enforcement in developer tools.||Medium|
|CVE-2020-6483||Insufficient policy enforcement in payments.||Medium|
|CVE-2020-6484||Insufficient data validation in ChromeDriver.||Medium|
|CVE-2020-6485||Insufficient data validation in media router.||Medium|
|CVE-2020-6486||Insufficient policy enforcement in navigations.||Medium|
|CVE-2020-6487||Insufficient policy enforcement in downloads.||Low|
|CVE-2020-6488||Insufficient policy enforcement in downloads.||Low|
|CVE-2020-6489||Inappropriate implementation in developer tools.||Low|
|CVE-2020-6490||Insufficient data validation in loader.||Low|
|CVE-2020-6491||Incorrect security UI in site information.||Low|