
Google announced the stable version of Chrome 109 availability and rolled out new upgrades like secure payment confirmation, enhanced screen sharing in video calls, video call controls, and Material You for desktops.
Security Payment on Android
Google has introduced a new web standard for easier payment with credit cards, banks, and other payment providers in Chrome. It is called Secure Payment Confirmation (SPC) on Google Chrome, making it possible to authenticate with the biometric screen unlock. If supported by the bank provider, users can skip the typical confirmation dialogs and simply scan fingerprints.
Enhanced Screen Sharing on Video Calls
Google Chrome already had the Screen Capture API tool, to help users to show specific content they want to share on a video call. The latest Chrome 109 version further improves the tool. Google Chrome 109 brings a “Conditional Focus” feature allowing web apps to control focus on specific content. The feature detects whether the captured tab or window will be in focus when the capture starts, or whether the capturing page should remain in focus.
Material You Theme for Desktop
Google’s Material You theming has been present in Chrome for Android for a while, but with the launch of Chrome 109, it is coming to Windows and macOS as well. One can change the theme of Chrome by replacing the background image on the New Tab page.
Bug fixes
Google has fixed numerous bugs in this version which are listed below. No detailed information is available at this time and none of the vulnerabilities are exploited in wild
Sl.No | CVE ID | Description |
1 | CVE- 2023- 0128 | Use after free in Overview Mode |
2 | CVE- 2023- 0129 | Heap buffer overf in Netwok service |
3 | CVE- 2023- 0130 | Inappropriate implementation in Fullscreen API |
4 | CVE- 2023- 0131 | Inappropriate implementation in iframe Sandbox |
5 | CVE- 2023- 0132 | Inappropriate implementation in Permission prompts |
6 | CVE- 2023- 0133 | Inappropriate implementation in Permission prompts |
7 | CVE- 2023- 0134 | Use after free in Cart |
8 | CVE- 2023- 0135 | Use after free in Cart |
9 | CVE- 2023- 0136 | Inappropriate implementation in Fullscreen API |
10 | CVE- 2023- 0137 | Heap buffer overfin Platform Apps |
11 | CVE- 2023- 0138 | Heap buffer overfin libphonenumber |
12 | CVE- 2023- 0139 | Insufficient validation of untrusted input in Downloads |
13 | CVE- 2023- 0140 | Inappropriate implementation in File System API |
14 | CVE- 2023- 0141 | Insufficient policy enforcement in CORS |