October 4, 2023

Google announced the stable version of Chrome 109 availability and rolled out new upgrades like secure payment confirmation, enhanced screen sharing in video calls, video call controls, and Material You for desktops.

Security Payment on Android

Google has introduced a new web standard for easier payment with credit cards, banks, and other payment providers in Chrome. It is called Secure Payment Confirmation (SPC) on Google Chrome, making it possible to authenticate with the biometric screen unlock. If supported by the bank provider, users can skip the typical confirmation dialogs and simply scan fingerprints.


Enhanced Screen Sharing on Video Calls

Google Chrome already had the Screen Capture API tool, to help users to show specific content they want to share on a video call. The latest Chrome 109 version further improves the tool. Google Chrome 109 brings a “Conditional Focus” feature allowing web apps to control focus on specific content. The feature detects whether the captured tab or window will be in focus when the capture starts, or whether the capturing page should remain in focus.

Material You Theme for Desktop

Google’s Material You theming has been present in Chrome for Android for a while, but with the launch of Chrome 109, it is coming to Windows and macOS as well. One can change the theme of Chrome by replacing the background image on the New Tab page.


Bug fixes

Google has fixed numerous bugs in this version which are listed below. No detailed information is available at this time and none of the vulnerabilities are exploited in wild

Sl.NoCVE IDDescription
1CVE- 2023- 0128Use after free in Overview Mode
2CVE- 2023- 0129Heap buffer overf in Netwok service
3CVE- 2023- 0130Inappropriate implementation in Fullscreen API
4CVE- 2023- 0131Inappropriate implementation in iframe Sandbox
5CVE- 2023- 0132Inappropriate implementation in Permission prompts
6CVE- 2023- 0133Inappropriate implementation in Permission prompts
7CVE- 2023- 0134Use after free in Cart
8CVE- 2023- 0135Use after free in Cart
9CVE- 2023- 0136Inappropriate implementation in Fullscreen API
10CVE- 2023- 0137Heap buffer overfin Platform Apps
11CVE- 2023- 0138Heap buffer overfin libphonenumber
12CVE- 2023- 0139Insufficient validation of untrusted input in Downloads
13CVE- 2023- 0140Inappropriate implementation in File System API
14CVE- 2023- 0141Insufficient policy enforcement in CORS

Leave a Reply

%d bloggers like this: