New Version of Google Chrome Causes Security Concerns

Google Chrome is the single most popular browser in the world, and a big part of the reason why this is the case has to do with the various updates that Google often brings into the mix when it comes to this browser in particular. These updates help to keep the browser up to date in pretty much every single way, not to mention the various added benefits and features you would get as a result of the fact that the updates are rolled out frequently and are tailor made for the needs of the average Google Chrome user, but at the same time it is important to note that in many situations these updates lead to a lower chance of getting the optimum amount of security while you are surfing the web.

The latest update that has come to Google Chrome is a good example of this. The "Scroll To Text Fragment" update brings a new feature that allows you to create links that not only lead to specific articles but can also lead the people that click on said link to be directed to a specific word in the article, with the word having been highlighted for their convenience.

You can probably guess just how useful a feature like this can be if it is used in the right manner. Most people don’t realize this but this sort of features are actually pretty hard to come by, and they can be utilized by lots of people that are trying to draw attention to certain topics, are doing research with a group of other people that they are involved with or perhaps need something else that they can only get from a specific word in an article.

The only problem is that this new feature could potentially end up resulting in some rather serious consequences as far as safety and security on the internet are concerned. This scroll to text fragment code that is used to make this feature actually work on the browser could be hijacked by malicious actors who would take advantage of the code and potentially change the word that is being targeted among other things.

The use of this new feature could also potentially end up allowing certain hackers to look into whether or not you are connected via social media to other people, and this is some private information that most users would definitely not want following into the wrong hands. It is therefore crucial that Google takes steps to prevent these things from becoming too much of an issue, otherwise an attack could occur and this would be quite bad for Google in the long run.

In response to a thread on Github, Chromium engineer David Bokan explained that, "We discussed this and other issues with our security team and, to summarize, we understand the issue but disagree on the severity so we’re proceeding with allowing this without requiring opt-in (though we are still working on adding an opt in/out)."



Read next: Google may give you these two ‘password saving’ options in Chrome