Tor Browser 9.0.7 to be Released

New version of browser, focused on security, has a lot of improvements, e.g., vulnerabilities at components Tor and NoScript are fixed
24 March 2020   122

A new version of Tor Browser 9.0.7 is available, aimed at ensuring anonymity, security and privacy. The browser is focused on ensuring anonymity, security and privacy, all traffic is redirected only through the Tor network. It is impossible to access directly through the regular network connection of the current system, which does not allow tracking the real IP of the user (in case of a hacked browser, attackers can gain access to the network system parameters, so products such as Whonix should be used to completely block possible leaks). Builds Tor Browser prepared for Linux, Windows, macOS and Android.

The new release updated components Tor and NoScript 11.0.19, in which vulnerabilities were fixed. Tor eliminated the DoS vulnerability, which created too much CPU load when accessing Tor directory servers controlled by cybercriminals. NoScript resolves a problem that allows you to work around the launch of JavaScript code in the "Safest" protection mode by redirecting to the "data:" URI.

In addition, the Tor Browser developers have added additional protection and if the "Safest" mode is turned on, they automatically disable JavaScript at the javascript.enabled setting level in about: config. This change does not allow whitelisting sites in NoScript for selective cancellation of "Safest" (to return to the old behavior, you can manually change the javascript.enabled value). After the Tor developers make sure that no loopholes are accurately covered in NoScript to bypass Safest, additional protection may be removed.

Get more at the official website.

Chrome 81 Release to be Postponed

Google employees now work from home, that's why the release dates of Chrome 81 and Chrome OS 81 were affected
19 March 2020   208

Due to a change in the work schedule of employees, Google has suspended the release of Chrome 81 and Chrome OS 81, scheduled for March 17 and 24. It is noted that the main objectives are to ensure the stability, security and reliability of Chrome. Vulnerability fix updates will continue to be prioritized and, if necessary, will be delivered in the form of an update for Chrome 80. Including the update Chrome 80.0.3987.149, which eliminated 13 vulnerabilities, among which there are no critical problems that allow you to bypass all levels of browser protection and execute code on a system outside the sandbox environment.

Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases. Our primary objectives are to ensure they continue to be stable, secure, and work reliably for anyone who depends on them.

Google Chrome

Due to the SARS-CoV-2 coronavirus pandemic this week, most Google employees were transferred to work at home, which also led to delays in reviewing application updates in the Google Play directory.