Google has officially moved version 66 of its Chrome browser to the stable channel for Windows, Linux and Mac . This means that starting today and in the next few days, the update will be reaching all users.
Chrome 66 includes a wide range of fairly important security enhancements , such as the so-called “Site Isolation” (site isolation), a key feature that helped Google’s browser mitigate the risks of the Specter vulnerability that affects almost all processors modern
Site Isolation
Although ‘Site Isolation’ exists in Chrome since version 63, it has always been disabled by default and hidden behind a Chrome flag. Starting with Chrome 66, Google will start activating the feature in a small percentage of users in preparation for a forthcoming wider release.
The mechanism allows us to isolate websites in different memory address spaces to protect our browsing sessions. And enabling the function was one of the main recommendations to stop Meltdown and Specter .
You can check if active entering the URL: chrome://flags/#enable-site-per-process. Look for the option ‘Stric site isolation’ and you can enable it. You must restart Chrome to take effect.
Prevention of code injection and goodbye to Symantec certificates
Some may remember that in early 2017 Google accused Symantec of creating thousands of invalid security certificates , and subsequently announced that they would take action against them.
Well now, with Chrome 66, the browser will stop trusting the certificates offered by the security company and will begin to show SSL errors for everyone who has issued Symantec before June 1, 2016 .
This means that if you upgrade to Chrome 66 you may not be able to access some sites due to SSL errors because they are using Symantec security certificates. Google expects to completely stop trusting all Symantec certificates in October of this year with the release of Chrome 70.
Chrome 66 will also begin to display warnings when third-party software, such as antivirus or other security tools, are injecting code into Chrome processes . It’s the first step before completely blocking the injection of third-party code in Chrome 72 .