Chrome for Android Update

  Hi, everyone! We've just released Chrome 127 (127.0.6533.64) for Android . It'll become available on Google Play over the next few days. 

This release includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.

Android releases contain the same security fixes as their corresponding Desktop (Windows & Mac: 127.0.6533.72/73 and Linux:127.0.6533.72) unless otherwise noted.


Krishna Govind
Google Chrome

Stable Channel Update for Desktop

The Stable channel has been updated to 127.0.6533.72/73 for Windows, Mac and 127.0.6533.72 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.


Security Fixes and Rewards

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.


This update includes 24 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.


[$11000][349198731] High CVE-2024-6988: Use after free in Downloads. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-06-25

[$8000][349342289] High CVE-2024-6989: Use after free in Loader. Reported by Anonymous on 2024-06-25

[TBD][346618785] High CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz on 2024-06-12

[TBD][349653220] High CVE-2024-6992: Out of bounds memory access in ANGLE. Reported by Xiantong Hou of Wuheng Lab and Pisanbao on 2024-06-27

[TBD][349903568] High CVE-2024-6993: Inappropriate implementation in Canvas. Reported by Anonymous on 2024-06-30

[$8000][339686368] Medium CVE-2024-6994: Heap buffer overflow in Layout. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2024-05-10

[$6000][343938078] Medium CVE-2024-6995: Inappropriate implementation in Fullscreen. Reported by Alesandro Ortiz on 2024-06-01

[$5000][333708039] Medium CVE-2024-6996: Race in Frames. Reported by Louis Jannett (Ruhr University Bochum) on 2024-04-10

[$3000][325293263] Medium CVE-2024-6997: Use after free in Tabs. Reported by Sven Dysthe (@svn-dys) on 2024-02-15

[$2000][340098902] Medium CVE-2024-6998: Use after free in User Education. Reported by Sven Dysthe (@svn-dys) on 2024-05-13

[$2000][340893685] Medium CVE-2024-6999: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-15

[$500][339877158] Medium CVE-2024-7000: Use after free in CSS. Reported by Anonymous on 2024-05-11

[TBD][347509736] Medium CVE-2024-7001: Inappropriate implementation in HTML. Reported by Jake Archibald on 2024-06-17

[$2000][338233148] Low CVE-2024-7003: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-01

[TBD][40063014] Low CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing. Reported by Anonymous on 2023-02-10

[TBD][40068800] Low CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing. Reported by Umar Farooq  on 2023-08-04


We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:

  • [354788491] Various fixes from internal audits, fuzzing and other initiatives


Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.


Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.


Daniel Yip
Google Chrome

Reduce live-stream bandwidth consumption to a fraction of the traffic volume with eCDN for Google Meet

What’s changing 

In September 2023, we introduced ultra-low latency livestreaming and since then we’ve introduced several improvements for the overall experience. Today, we’re excited to introduce the latest enhancement for ultra-low latency live streaming: Enterprise Content Delivery Network (eCDN) support for Google Meet. 


When configured by admins, eCDN has the potential to reduce bandwidth consumption to a fraction of the traffic volume. This applies to all live streams, including those originating from outside of your own domain. This is achieved through peer-assisted media delivery — whereby live streamed content is automatically shared between nearby peers, reducing the need to retrieve content from Google servers and minimizing bottleneck. There is no additional software, hardware, or end user action required to use eCDN — it works automatically in the background.

With eCDN turned on, live streamed content is shared between peers (as seen on the right), reducing the need to retrieve content from Google servers (as seen on the left).



Who’s impacted

Admins and end users

Why it’s important

Live streaming is a key tool for presenting information to large audiences such as town-hall meetings, weekly broadcasts or other kinds of events with large audiences. As such, video quality of live streamed content is critical. Using eCDN can significantly reduce the strain on internet gateways while delivering a high-quality viewing experience with consistently low latency. Without eCDN, each viewer is sent their own individual feed. With eCDN turned on for a private network, the backend will send media to a significantly lower number of clients in that network. Those clients will then use the eCDN technology to take over and redistribute media to ensure that all viewers in that network receive the media they need, with high quality and preserved ultra-low latency. 

Getting started


  • End users: There is no end user action required — make sure you’re using Chrome 121 or later on a laptop or desktop computer to ensure the highest quality ultra-low latency live streaming experience.

Rollout pace

Note: eCDN is available for those customers who have received the ultra-low latency live streaming experience. For some customers, that update is rolling out at a slower rate and they may not receive these updates for several months.


Google Drive inventory reporting is now available in open beta

What’s changing 

Google Drive inventory reporting is now available in open beta, providing admins with enhanced visibility into the state of their data assets. By exporting this data into BigQuery, admins can gain a holistic view of how their data is classified, who can access it, and how it’s being used. Analyzing this data at scale helps admins address the challenge of understanding the full scope of their data assets, especially as it pertains to sensitive information and compliance with data policies.



Who’s impacted

Admins


Why it’s important

Compared to using APIs, Drive inventory reporting is a more efficient alternative to piecing together a full representation of Drive items from audit events and various other surfaces. The comprehensive view of the file corpus—including classifications, sizes, and locations—allows administrators to identify security risks, such as unauthorized access or oversharing. It also aids in ensuring compliance with regulatory requirements, like those for data retention and destruction. 


Getting started


  • Admins: Eligible Admins can enable this feature in the Admin console by going to Reporting > Data Integrations and enabling Drive Inventory Export. Visit the Help Center to learn more about Drive inventory reporting. Admins interested in providing feedback to the product team during the open beta can fill out this form.
  • End users: There is no end user impact or action required.


Rollout pace

  • This feature is available now for all eligible users.

Availability

Available for Google Workspace:

  • Enterprise Standard and Plus
  • Education Standard and Plus
  • Enterprise Essentials Plus
  • Frontline Standard

Resources


Google Workspace Updates Weekly Recap – July 19, 2024

2 New updates

Unless otherwise indicated, the features below are available to all Google Workspace customers, and are fully launched or in the process of rolling out. Rollouts should take no more than 15 business days to complete if launching to both Rapid and Scheduled Release at the same time. If not, each stage of rollout should take no more than 15 business days to complete.


All new appointments need to be booked through appointment schedules in Google Calendar 
Earlier this year, we announced that the appointment slots feature will be replaced by appointment schedules in Google Calendar. Starting this week, only appointment schedules can be created. In a couple of weeks, the appointment slots booking pages will no longer be available. At that time, all new appointments will need to be booked through appointment schedules. | Appointment schedules are available to Google Workspace Business Starter, Business Standard, Business Plus, Enterprise Standard, Enterprise Plus, Education Fundamentals, Education Standard, Education Plus, the Teaching and Learning Upgrade, Nonprofits, Google Workspace Individual customers and Google One Premium users. | Visit the Help Center for detailed information about appointment schedules. 

Available in beta: migrate sensitive files to Google Drive with client-side encryption 
We are making it easier to programmatically import sensitive files to Google Drive with client-side encryption by providing code samples on Github. Eligible admins can apply for beta access to this Drive API feature using this form. | Available to Google Workspace Enterprise Plus; Education Standard and Education Plus.


Previous announcements

The announcements below were published on the Workspace Updates blog earlier this week. Please refer to the original blog posts for complete details.


Google Classroom now supports exporting grades and importing rosters and grade settings with PowerSchool SIS 
Google Classroom teachers can now export and import select information via the new integration with PowerSchool SIS. | Learn more about the integration with Classroom and PowerSchool SIS. 

Teachers will soon be able to create a new class in Google Classroom using Student Information System (SIS) data 
In the coming weeks, we will be introducing a new feature that allows teachers to set up a Google Classroom class using information directly imported from an SIS, including co-teachers, student rosters and class lists, grading categories and grading periods. Please note this feature is only available with our current SIS partners. | Learn more about creating new classes in Classroom using SIS data. 

Google Workspace extensions for Gmail, Google Drive and Google Docs are now available in open beta for Gemini (gemini.google.com) 
We’re pleased to announce Google Workspace extensions for Gmail, Google Drive and Google Docs are available for Gemini (gemini.google.com). When enabled, Gemini will be able to cross reference these apps as data sources to better inform its responses. | Learn more about the beta for Gemini (gemini.google.com). 

Import and export Markdown in Google Docs 
We’re introducing highly-requested features that enhance Docs' interoperability with other Markdown supporting tools. | Learn more about markdown in Docs

Clearer re-enrollment for Google Meet hardware devices 
We're updating the way Google Meet hardware devices are re-enrolled to provide a more intuitive experience for administrators. | Learn more about re-enrollment for Meet hardware devices. 

Available in beta: Policy Visualization across Google Docs, Sheets, Slides and Drive 
Users who are interacting with policy-protected content, such as those with data loss prevention (DLP) rules or trust rules, will now be proactively informed about what actions are prevented by those policies. | Learn more about policy visualization.


Completed rollouts

For a recap of announcements in the past six months, check out What’s new in Google Workspace (recent releases).  

Enable guardians to preview assigned classwork within Google Classroom

What’s changing 

Currently, a teacher or school administrator can invite a guardian, typically a parent, to receive email summaries about their student’s work in class. These email summaries include a rundown of missing work, upcoming work and class activities, such as recently posted announcements or assignments in Google Classroom. 

Going forward, guardian email summaries will now include links that let guardians preview their student's Classwork pages, including assigned work and attachments provided by the teacher. With this update, guardians can stay up-to-date with what their students are learning. Guardians will not be able to see their student’s grades or submissions, class communication, or other students’ work. Guardians can easily access this page directly from the Classroom email summaries or from the link shared by teachers. 

Enable guardians to preview assigned classwork within Google Classroom


Who’s impacted 

Admins and end users 


Why it matters 

This feature keeps guardians informed about their student’s assignments in class. 


Additional details 

Teachers with the Google Workspace Education Plus edition who already send guardian email summaries will notice those emails automatically start including guardian previewing links. No action is needed to get started. 


Getting started 

  • Admins: Admins can turn Guardian Access ON or OFF for their domain and determine whether only admins, or admins and verified teachers, can control guardians accounts and per-class access. If admins choose the latter, verified teachers are able to add or remove guardian accounts for students in their class and determine whether each class will be available for guardian access. Visit the Help Center to learn more about managing guardians in your domain
  • End users: In classes where you have guardian summaries turned ON, guardians can now preview your classwork page and any classwork assigned to their student(s). You can turn this setting OFF at any time in your Class Settings page.
  • Guardians: You have guardian preview capabilities to your student’s Classwork page through direct links in the email summary. Visit the Help Cenet to learn more about guardian email summaries

Rollout pace 

Availability 

Available for Google Workspace: 
  • Education Plus 

Resources 

Chrome Dev for Desktop Update

The Dev channel has been updated to 128.0.6601.2 for Windows, Mac and Linux.

A partial list of changes is available in the Git log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Prudhvi Bommana
Google Chrome

Available in beta: Policy Visualization across Google Docs, Sheets, Slides and Drive

What’s changing 

Currently, when there are security policies applied to documents, spreadsheets, presentations or files, users are given no central explanation of which actions, like downloading, making a copy, or external sharing are restricted. 

To improve upon this experience, users who are interacting with policy-protected content, such as those with data loss prevention (DLP) rules or trust rules, will now be proactively informed about what actions are prevented by those policies. 

For example, if a user is interacting with a document affected by DLP-enforced information rights management (IRM) and a Trust Rule, they will see a shield icon, banner, and side panel that informs them of the restricted actions.
Policy Visualization across Google Docs, Sheets, Slides and Drive


Who’s impacted 

End users 


Why it matters 

With this update, users will be made aware of which actions they are taking that are disabled on a document, spreadsheet, slide or file due to data protection controls.

Getting started 

  • Admins: There is no admin control for this feature. 
  • End users: 
    • Any user will be able to see policy visualization if it's active on a document, but the owner of the document is used to determine if it's turned ON. 
    • A shield icon, banner, and side panel will automatically appear when security controls are present. 
    • Visit the Help Center to learn more about the policies that enable Policy Visualization: 

Rollout pace 

During the Open Beta period, this feature will be opt-in only. Customers who fill out this form will see the feature enabled in their specified domains within 7 days of sign-up. Customers may submit feedback here or email it to [email protected]


Availability

Policy visualization is enabled when the document, spreadsheet, slides or file owner belongs to the following Google Workspace editions: 
  • Business Starter, Standard, Plus 
  • Enterprise Starter, Standard, Plus 
  • Essentials Starter, Enterprise Essentials, Essentials Enterprise Plus 
  • Frontline Starter, Standard 
  • Education Fundamentals, Standard, Plus, the Teaching & Learning Upgrade 
  • Workspace Individual Subscribers 

Resources