Google is releasing a new update for the Chrome web browser that includes fixes 37 security fixes, enhanced privacy and security improvements.
In a series of blog posts, Google announced the security fixes and improvements with Chrome 90, with a new HTTPS as the default protocol chief among them. According to Google, HTTPS is the more secure and most widely used scheme in Chrome on all major platforms. It protects users by encrypting traffics sent over the network so information entered on websites can’t be intercepted.
When a user would type in a website n the address bar, they generally don’t include “http://” or “https://”. If it was a user’s first visit to the site, Chrome would choose the less secure http:// as the default protocol.
The HTTPS protocol not only provides better privacy and security – it also improves the initial loading speeds of sites that support HTTPS because Chrome will connect directly to the HTTPS endpoint without needing to be redirected, according to Google.
If a site doesn’t support HTTPS, Chrome will fall back to HTTP, including when there are certificate errors.
“Chrome is invested in ensuring that HTTPS is the default protocol for the web, and this change is one more step towards ensuring Chrome always uses secure connections by default,” the company said.
The update also includes fixes for 37 bugs, 12 of which are designed as high severity. External security researchers reported 19 of the vulnerabilities, including six of the high-severity flaws.
Google is restricting access to bug details until a majority of users apply the fixes.