The fast, free browser that`s built for the modern web

Google Chrome (32-bit)

Join our mailing list

Stay up to date with latest software releases, news, software discounts, deals and more

Download Google Chrome 58.0.3029.81 (32-bit)

Google Chrome (32-bit)

 -  100% Safe  -  Freeware

What's new in this version:

Google Chrome 58.0.3029.81 (32-bit)
Security fixes:
- High CVE-2017-5057: Type confusion in PDFium
- High CVE-2017-5058: Heap use after free in Print Preview
- N/A684684 High CVE-2017-5059: Type confusion in Blink
- Medium CVE-2017-5060: URL spoofing in Omnibox. g
- Medium CVE-2017-5061: URL spoofing in Omnibox
- Medium CVE-2017-5062: Use after free in Chrome Apps
- Medium CVE-2017-5063: Heap overflow in Skia
- Medium CVE-2017-5064: Use after free in Blink
- Medium CVE-2017-5065: Incorrect UI in Blink
- Medium CVE-2017-5066: Incorrect signature handing in Networking
- Medium CVE-2017-5067: URL spoofing in Omnibox
- N/A691726 Low CVE-2017-5069: Cross-origin bypass in Blink
- [713205] Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 57.0.2987.133 (32-bit)
Security Fixes:
- Critical CVE-2017-5055: Use after free in printing
- High CVE-2017-5054: Heap buffer overflow in V8
- High CVE-2017-5052: Bad cast in Blink
- High CVE-2017-5056: Use after free in Blink
- High CVE-2017-5053: Out of bounds memory access in V8

Google Chrome 57.0.2987.110 (32-bit)
- Publish DEPS for Chromium 57.0.2987.110
- DevTools: Don't trigger panel switcher shortcut if alt key is held 8c34e10 [Merge m57] RenderTextMac: Fix crash when passed an invalid font
- Incrementing VERSION to 57.0.2987.108
- [scheduler] Move DatabaseAccess tasks to loading tq
- v8bindings: Reverts crrev.com/2606723002 with minimum changes
- [Merge to M57]Chrome OS: Fix the crash in MultiProfileBrowserStatusMonitor::RemoveV1AppFromShelf()
- Merge remote-tracking branch 'refs/remotes/branch-heads/2987' into drover_2987_8Nt33H
- base: Make TimeDurationFormat* report failures
- Avoid rotation anchor during transitional fullscreen states
- Revert "Make Crashpad start asynchronous, and move back to chrome_elf" 7026b26 Revert restartInput change off the M57 release branch
- Do not attempt to retry failed EarlGrey test cases
- Disable Form-Not-Secure warning when |autofill_client_| is null

Google Chrome 57.0.2987.98 (32-bit)
- Memory corruption in V8
- Use after free in ANGLE
- Out of bounds write in PDFium
- Integer overflow in libxslt
- Use after free in PDFium
- Incorrect security UI in Omnibox
- Use after free in PDFium
- Multiple out of bounds writes in ChunkDemuxer
- Information disclosure in V8
- Address spoofing in Omnibox
- Bypass of Content Security Policy in Blink
- Incorrect handling of cookies in Cast
- Use after free in GuestView
- Heap overflow in Skia
- Information disclosure in XSS Auditor
- Information disclosure in Blink
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 56.0.2924.87 (32-bit)
- Change log not available for this version

Google Chrome 56.0.2924.76 (32-bit)
- Universal XSS in Blink
- Unauthorised file access in Devtools
- Out of bounds memory access in WebRTC
- Heap overflow in V8
- Address spoofing in Omnibox
- Heap overflow in Skia
- Address spoofing in Omnibox
- Use after free in Renderer
- UI spoofing in Blink
- Uninitialised memory access in webm video
- Universal XSS in chrome://apps
- Universal XSS in chrome://downloads
- Use after free in Extensions
- Bypass of Content Security Policy in Blink
- Type confusion in metrics
- Heap overflow in FFmpeg
- UI spoofing
- Various fixes from internal audits, fuzzing and other initiative

Google Chrome 55.0.2883.87 (32-bit)
- Change log not available for this version

Google Chrome 55.0.2883.75 (32-bit)
- Private property access in V8
- Universal XSS in Blink
- Universal XSS in Blink
- Same-origin bypass in PDFium
- Universal XSS in Blink
- Universal XSS in Blink
- Out of bounds write in Blink
- Use after free in PDFium
- Out of bounds write in PDFium
- Local file disclosure in DevTools
- Use after free in PDFium
- Use after free in V8
- File download protection bypass
- Use after free in PDFium
- Use after free in Webaudio
- Use of unvalidated data in PDFium
- Address spoofing in Omnibox
- Use after free in V8
- Integer overflow in ANGLE
- Local file access in PDFium
- Address spoofing in Omnibox
- CSP Referrer disclosure
- Integer overflow in PDFium
- CSP bypass in Blink
- Same-origin bypass in SVG
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 54.0.2840.99 (32-bit)
- Heap corruption in FFmpeg
- Out of bounds memory access in V8
- Info leak in extensions
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 54.0.2840.87 (32-bit)
- Change log not available for this version

Google Chrome 54.0.2840.71 (32-bit)
- Change log not available for this version

Google Chrome 54.0.2840.59 (32-bit)
- Universal XSS in Blink
- Heap overflow in Blink
- Use after free in PDFium
- Use after free in Blink
- URL spoofing
- UI spoofing
- Cross-origin bypass in Blink
- URL spoofing
- Out of bounds read in DevTools
- Universal XSS in Bookmarks
- Use after free in Internals
- Scheme bypass
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 53.0.2785.143 (32-bit)
- Use after free in V8
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 53.0.2785.116 (32-bit)
- Change log not available for this version

Google Chrome 53.0.2785.113 (32-bit)
- Use after free in Blink
- Arbitrary Memory Read in v8
- Extension resource access
- Popup not correctly suppressed
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 53.0.2785.101 (32-bit)
- Change log not available for this version

Google Chrome 53.0.2785.89 (32-bit)
- Universal XSS in Blink.
- Script injection in extensions
- Use after free in Blink
- Use after free in PDFium
- Use after destruction in Blink
- Heap overflow in PDFium
- Address bar spoofing
- Use after free in event bindings
- Heap overflow in PDFium.
- Type confusion in Blink
- Extensions web accessible resources bypass
- Address bar spoofing
- Universal XSS using DevTools
- Script injection in DevTools
- SMB Relay Attack via Save Page As
- Extensions web accessible resources bypass
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 52.0.2743.116 (32-bit)
- Address bar spoofing
- Use-after-free in Blink
- Heap overflow in pdfium
- Same origin bypass for images in Blink
- Parameter sanitization failure in DevTools
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 52.0.2743.82 (32-bit)
- Sandbox escape in PPAPI
- URL spoofing on iOS
- Use-after-free in Extensions
- Heap-buffer-overflow in sfntly
- Same-origin bypass in Blink
- Use-after-free in Blink
- Same-origin bypass in V8
- Memory corruption in V8
- URL spoofing
- Use-after-free in libxml
- Limited same-origin bypass in Service Workers
- Origin confusion in proxy authentication
- URL leakage via PAC script
- Content-Security-Policy bypass
- Use after free in extensions
- History sniffing with HSTS and CSP

Google Chrome 51.0.2704.106 (32-bit)
- Change log not available for this version

Google Chrome 51.0.2704.103 (32-bit)
- Various fixes from internal audits, fuzzing and other initiatives.
- This release contains an update to Adobe Flash Player (22.0.0.192).

Google Chrome 51.0.2704.84 (32-bit)
- Change log not available for this version

Google Chrome 51.0.2704.79 (32-bit)
- This update includes 15 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.
- Cross-origin bypass in Extension bindings.
- Cross-origin bypass in Blink.
- Information leak in Extension bindings.
- Parameter sanitization failure in DevTools.
- Use-after-free in Extensions.
- Use-after-free in Autofill.
- Out-of-bounds read in Skia.

Google Chrome 51.0.2704.63 (32-bit)
- Cross-origin bypass in extension bindings. Credit to Mariusz Mlynski.
- Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- Cross-origin bypass in extensions. Credit to Mariusz Mlynski.
- Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
- Cross-origin bypass in extension bindings. Credit to Rob Wu.
- Type confusion in V8. Credit to Guang Gong of Qihoo 360.
- Heap overflow in V8. Credit to Christian Holler.
- Heap use-after-free in V8 bindings. Credit to Rob Wu.
- Heap use-after-free in Skia. Credit to Atte Kettunen of OUSPG.
- Heap overflow in PDFium. Credit to Aleksandar Nikolic of Cisco Talos.
- CSP bypass for ServiceWorker. Credit to KingstonTime.
- Out-of-bounds access in libxslt. Credit to Nicolas Gregoire.
- Integer overflow in libxslt. Credit to Nicolas Gregoire.
- Out-of-bounds read in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB.
- Out-of-bounds read in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB.
- Information leak in extensions. Credit to Rob Wu.
- Out-of-bounds read in V8. Credit to Max Korenko.
- Heap buffer overflow in media. Credit to Atte Kettunen of OUSPG.
- Heap use-after-free in Autofill. Credit to Rob Wu.
- Heap buffer-overflow in Skia. Credit to Atte Kettunen of OUSPG.
- Limited cross-origin bypass in ServiceWorker. Credit to Til Jasper Ullrich.
- HTTP Download of Software Removal Tool. Credit to Khalil Zhani.
- HPKP pins removed on cache clearance. Credit to Ryan Lester and Bryant Zadega
- Various fixes from internal audits, fuzzing and other initiatives.

Google Chrome 50.0.2661.102 (32-bit)
- Same origin bypass in DOM.
- Same origin bypass in Blink V8 bindings.
- Buffer overflow in V8. Credit to Choongwoo Han.
- Race condition in loader.
- Directory traversal using the file scheme on Android.

Google Chrome 50.0.2661.94 (32-bit)
- Out-of-bounds write in Blink.
- Memory corruption in cross-process frames.
- Use-after-free in extensions.
- Use-after-free in Blink’s V8 bindings.
- Address bar spoofing.
- Information leak in V8.
- Various fixes from internal audits, fuzzing and other initiatives.

Google Chrome 50.0.2661.87 (32-bit)
- Change log not available for this version

Google Chrome 50.0.2661.86 (32-bit)
- Add CHECK for null WebState in CRWWebController.
- Fix MediaNotificationInfo.equals().
- Bump the min-supported OS version in the installer.
- Updating XTBs based on .GRDs from branch 2661.
- Fix Range.getClientRects() to include full grapheme clusters.
- Merge M50: "Fix audio glitch issue introduced by security fix for format changes."
- Merge to 2661 "[DevTools] Introduce a setting for console autocomplete from history."
- Add more tracing to a test to make it easier to track down failures.
- Call CheckTrialGroup only under lock.
- Remove FrameView::isPainting() and use lifecycle state instead.
- Removing the check for SM_TABLETPC for determining whether a device is operating as a tablet.
- Fix HistoryEntry corruption when commit isn't for provisional entry (try #2).
- Check CSP before registering ServiceWorkers.
- Fixes stable build by including stringprintf.h.
- Revert "Check CSP before registering ServiceWorkers".
- Fix cross-site popups to inherit their opener's sandbox flags even when popup opener is not set.
- QUIC - Fix a type casting bug in quic stream sequencer buffer.
- Fixed regression in WEBGL_draw_buffers support.
- Merge to 2661 "[DevTools] Support broken UMA metric from M49 frontend."
- Fix a bug that mime type isn't passed when checking Codec capabilities.
- Temporarily disable float empty-phase optimization.
- Updating XTBs based on .GRDs from branch 2661.
- Make sure binding security checks don't pass if the frame is remote.
- Avoid using MediaCodecList from Renderer process.
- Revert "Treat percent-height div inside auto-height cells as auto".
- Revert "cc: Stop locking the raster scale factor at 1 after any change."

Google Chrome 50.0.2661.75 (32-bit)
- Universal XSS in extension bindings
- Out-of-bounds write in V8
- Out-of-bounds read in Pdfium JPEG2000 decoding
- Uninitialized memory read in media
- Use-after-free related to extensions
- Android downloaded file path restriction bypass
- Address bar spoofing
- Potential leak of sensitive information to malicious extensions
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 49.0.2623.112 (32-bit)
- Change log not available for this version.

Google Chrome 49.0.2623.110 (32-bit)
- Change log not available for this version.

Google Chrome 49.0.2623.108 (32-bit)
- Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab.
- Use-after-free in Navigation. Credit to anonymous.
- Use-after-free in Extensions. Credit to anonymous.
- Buffer overflow in libANGLE. Credit to lokihardt working with HP’s Zero Day Initiative / Pwn2Own.
- As usual, our ongoing internal security work was responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.33).

Google Chrome 49.0.2623.87 (32-bit)
- Type confusion in Blink. Credit to cloudfuzzer.
- Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
- Out-of-bounds write in PDFium. Credit to anonymous working with HP's Zero Day Initiative.

Google Chrome 49.0.2623.75 (32-bit)
- Same-origin bypass in Blink
- Same-origin bypass in Pepper Plugin
- Bad cast in Extensions
- Use-after-free in Blink
- Use-after-free in Blink
- Use-after-free in Blink
- SRI Validation Bypass
- Out-of-bounds access in libpng
- Information Leak in Skia
- WebAPI Bypass
- Use-after-free in WebRTC
- Origin confusion in Extensions UI
- Use-after-free in Favicon
- Various fixes from internal audits, fuzzing and other initiatives
- Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26)

Google Chrome 48.0.2564.116 (32-bit)
- Same-origin bypass in Blink and Sandbox escape in Chrome

Google Chrome 48.0.2564.109 (32-bit)
- Same-origin bypass in Extensions. Credit to anonymous.
- Same-origin bypass in DOM. Credit to Mariusz Mlynski.
- Buffer overflow in Brotli. Credit to lukezli.
- Navigation bypass in Chrome Instant. Credit to Jann Horn.
- Out-of-bounds read in PDFium. Credit to anonymous, working with HP's Zero Day Initiative.
- Various fixes from internal audits, fuzzing and other initiatives.

Google Chrome 48.0.2564.103 (32-bit)
- Change log not available for this version

Google Chrome 48.0.2564.97 (32-bit)
- This release contains an update to Adobe Flash Player 20.0.0.286.

Google Chrome 48.0.2564.82 (32-bit)
- Bad cast in V8. Credit to cloudfuzzer
- Use-after-free in PDFium. Credit to anonymous
- Information leak in Blink. Credit to Christoph Diehl
- Origin confusion in Omnibox. Credit to Ron Masas
- URL Spoofing. Credit to Luan Herrera
- History sniffing with HSTS and CSP. Credit to jenuis
- Weak random number generator in Blink. Credit to Aaron Toponce
- Out-of-bounds read in PDFium. Credit to Keve Nagy
- Various fixes from internal audits, fuzzing and other initiatives
- Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch (currently 4.8.271.17)

Google Chrome 47.0.2526.111 (32-bit)
- This release contains an update to Adobe Flash Player 20.0.0.267

Google Chrome 47.0.2526.106 (32-bit)
- Two security fixes from internal audits and fuzzing

Google Chrome 47.0.2526.80 (32-bit)
- Change log not available for this version

Google Chrome 47.0.2526.73 (32-bit)
- Use-after-free in AppCache. Credit to anonymous
- Use-after-free in AppCache. Credit to anonymous
- Use-after-free in AppCache. Credit to anonymous
- Cross-origin bypass in DOM. Credit to Mariusz Mlynski
- Cross-origin bypass in core. Credit to Mariusz Mlynski
- Cross-origin bypass in DOM. Credit to Mariusz Mlynski
- Out of bounds access in v8. Credit to anonymous
- Cross-origin bypass in DOM. Credit to Mariusz Mlynski
- Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own
- Out of bounds access in Skia. Credit to cloudfuzzer
- Use-after-free in Extensions. Credit to anonymous
- Type confusion in PDFium. Credit to Atte Kettunen of OUSPG
- Out of bounds access in PDFium. Credit to Hanno Böck
- Use-after-free in DOM. Credit to Long Liu of Qihoo 360Vulcan Team
- Out of bounds access in PDFium. Credit to Karl Skomski
- Scheme bypass in PDFium. Credit to Ullrich Tiljasper
- Use-after-free in Infobars. Credit to Khalil Zhani
- Integer overflow in Sfntly. Credit to miaubiz
- Content spoofing in Omnibox. Credit to Luan Herrera
- Signature validation issue in Android Crazy Linker. Credit to Michal Bednarski
- Escaping issue in saved pages. Credit to Inti De Ceukelaire
- Wildcard matching issue in CSP.
- Scheme bypass in CSP.
- Various fixes from internal audits, fuzzing and other initiatives
- Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch (currently 4.7.80.23)

Google Chrome 46.0.2490.86 (32-bit)
- This release contains an update to Adobe Flash Player (19.0.0.245)
Security fixes:
- Information leak in PDF viewer

Google Chrome 46.0.2490.80 (32-bit)
- Cross-origin bypass in Blink
- Use-after-free in PDFium
- Use-after-free in ServiceWorker
- Bad-cast in PDFium
- Information leakage in LocalStorage
- Improper error handling in libANGLE
- Memory corruption in FFMpeg
- CORS bypass via CSS fonts
- Various fixes from internal audits, fuzzing and other initiatives.
- Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch (currently 4.6.85.23).

Google Chrome 46.0.2490.71 (32-bit)
- Change log not available for this version

Google Chrome 45.0.2454.101 (32-bit)
- Cross-origin bypass in DOM
- Cross-origin bypass in V8

Google Chrome 45.0.2454.99 (32-bit)
- This release contains a critical update to Adobe Flash Player (19.0.0.185)

Google Chrome 45.0.2454.93 (32-bit)
- Change log not available for this version

Google Chrome 45.0.2454.85 (32-bit)
- Cross-origin bypass in DOM
- Cross-origin bypass in ServiceWorker
- Cross-origin bypass in DOM
- Use-after-free in Skia
- Use-after-free in Printing
- Character spoofing in omnibox
- Permission scoping error in WebRequest
- URL validation error in extensions
- Use-after-free in Blink
- Information leak in Blink

Google Chrome 44.0.2403.157 (32-bit)
- Change log not available for this version

Google Chrome 44.0.2403.155 (32-bit)
- Change log not available for this version

Google Chrome 44.0.2403.130 (32-bit)
- Change log not available for this version

Google Chrome 44.0.2403.125 (32-bit)
- Change log not available for this version

Google Chrome 44.0.2403.107 (32-bit)
- Change log not available for this version

Google Chrome 44.0.2403.89 (32-bit)
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance

Google Chrome 43.0.2357.134 (32-bit)
- Critical update to Adobe Flash Player (18.0.0.209)
- Fix for a full screen casting issue

Google Chrome 43.0.2357.132 (32-bit)
- Fix use of ShellDispatch.NameSpace
- Pin shortcuts via shell verbs rather than ShellExecuteEx
- [Merge to M43] Use StartsWith rather than == to compare BackgroundRendererProcesses experiment group names
- Revert "[Merge to M43] Use StartsWith rather than == to compare BackgroundRendererProcesses experiment group names."
- ash: Restore user selected rotation on startup
- Add .website to dangerous download extensions. Add .website and .url to safebrowsing download checks
- [Merge to M43] Initialize AVFoundation explicitly instead of implicitly via IsAVFoundationSupported

Google Chrome 43.0.2357.130 (32-bit)
- Scheme validation error in WebUI
- Cross-origin bypass in Blink
- Normalization error in HSTS/HPKP preload list
- Security Fixes and Rewards

Google Chrome 43.0.2357.124 (32-bit)
- Updated Adobe Flash Player to 18.0.0.160

Google Chrome 43.0.2357.81 (32-bit)
- Fixed an issue where sometimes a blank page would print

Google Chrome 43.0.2357.65 (32-bit)
- Sandbox escape in Chrome
- Cross-origin bypass in DOM
- Cross-origin bypass in Editing
- Use-after-free in WebAudio
- Use-after-free in SVG
- Use-after-free in Speech
- Container-overflow in SVG
- Negative-size parameter in Libvpx
- Uninitialized value in PDFium
- Use-after-free in WebRTC
- URL bar spoofing
- Uninitialized value in Blink
- Insecure download of spellcheck dictionary
- Cross-site scripting in bookmarks
- Various fixes from internal audits, fuzzing and other initiatives
- Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch

Google Chrome 42.0.2311.152 (32-bit)
- A new version of Adobe Flash (17.0.0.188).

Google Chrome 42.0.2311.135 (32-bit)
- Use-after-free in DOM
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 42.0.2311.90 (32-bit)
- A number of new apps, extension and Web Platform APIs (including the Push API!)
- Lots of under the hood changes for stability and performance

Google Chrome 41.0.2272.118 (32-bit)
- Change log not available for this version.

Google Chrome 41.0.2272.101 (32-bit)
- Change log not available for this version

Google Chrome 41.0.2272.89 (32-bit)
- Change log not available for this version

Google Chrome 41.0.2272.76 (32-bit)
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
- 51 security fixes

Google Chrome 40.0.2214.115 (32-bit)
- Change log not available for this version

Google Chrome 40.0.2214.111 (32-bit)
- Use-after-free in DOM
- Cross-origin-bypass in V8 bindings
- Privilege escalation using service workers
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 40.0.2214.94 (32-bit)
- Handle invalid sync item ordinals when adding OEM folders. Certain edge cases were exposing a lack of proper checking for validity when handling sync ordinals

Google Chrome 40.0.2214.91 (32-bit)
- Updated info dialog for Chrome app on Windows and Linux
- A new clock behind/ahead error message

Google Chrome 39.0.2171.99 (32-bit)
- This release contains an update for Adobe Flash as well as a number of other fixes.

Google Chrome 39.0.2171.95 (32-bit)
- Change log not available for this version

Google Chrome 39.0.2171.71 (32-bit)
- Contains an update for Adobe Flash
- A number of other fixes

Google Chrome 39.0.2171.65 (32-bit)
- A number of new apps/extension APIs
- Lots of under-the-hood changes for stability and performance

Google Chrome 38.0.2125.122 (32-bit)
- Contains an update for Adobe Flash as well as a number of other fixes

Google Chrome 38.0.2125.111 (32-bit)
- Change log not available for this version

Google Chrome 38.0.2125.104 (32-bit)
- Contains an update for Adobe Flash as well as a number of other fixes

Google Chrome 38.0.2125.101 (32-bit)
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
- A special thanks to Jüri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox
- Out-of-bounds read in PDFium
- Use-after-free in Events
- Use-after-free in Rendering
- Use-after-free in DOM
- Type confusion in Session Management
- Use-after-free in Web Workers
- Information Leak in V8
- Permissions bypass in Windows Sandbox
- Information Leak in XSS Auditor
- Out-of-bounds read in PDFium
- Release Assert in V8 bindings

Google Chrome 37.0.2062.124 (32-bit)
- RSA signature malleability in NSS

Google Chrome 37.0.2062.120 (32-bit)
- This release contains an update for Adobe Flash and includes 4 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting:
- Use-after-free in rendering
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 37.0.2062.103 (32-bit)
- This addresses some user feedback related to how Chrome renders text when display scaling is set to 125% or lower

Google Chrome 37.0.2062.102 (32-bit)
- Change log not available for this version

Google Chrome 37.0.2062.94 (32-bit)
- DirectWrite support on Windows for improved font rendering
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance Security Fixes:
- Critical CVE-2014-3176, CVE-2014-3177: A special reward to lokihardt@asrt for a combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox
- High CVE-2014-3168: Use-after-free in SVG
- High CVE-2014-3169: Use-after-free in DOM
- High CVE-2014-3170: Extension permission dialog spoofing
- High CVE-2014-3171: Use-after-free in bindings
- Medium CVE-2014-3172: Issue related to extension debugging
- Medium CVE-2014-3173: Uninitialized memory read in WebGL
- Medium CVE-2014-3174: Uninitialized memory read in Web Audio
- CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives (Chrome 37).

Google Chrome 36.0.1985.143
- Use-after-free in web sockets
- Information disclosure in SPDY
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 36.0.1985.125 (32-bit)
- Rich Notifications Improvements
- An Updated Incognito / Guest NTP design
- The addition of a Browser crash recovery bubble
- Chrome App Launcher for Linux
- Lots of under the hood changes for stability and performance Security Fixes:
- Same-Origin-Policy bypass in SVG
- Various fixes from internal audits, fuzzing and other initiatives

Google Chrome 35.0.1916.153 (32-bit)
- Use-after-free in filesystem API
- Out-of-bounds read in SPDY
- Buffer overflow in clipboard
- Heap overflow in media

Google Chrome 35.0.1916.114 (32-bit)
- More developer control over touch input
- New JavaScript features
- Unprefixed Shadow DOM
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
- This update includes 23 security fixes

Google Chrome 34.0.1847.137 (32-bit)
- Use-after-free in WebSockets
- Integer overflow in DOM ranges
- Use-after-free in editing

Google Chrome 34.0.1847.131 (32-bit)
- This release fixes a number of crashes and other bugs
- Contains a Flash Player update, to version 13.0.0.214

Google Chrome 34.0.1847.116 (32-bit)
- Responsive Images and Unprefixed Web Audio
- Import supervised users onto new computers
- A number of new apps/extension APIs
- A different look for Win8 Metro mode
- Lots of under the hood changes for stability and performance

Google Chrome 33.0.1750.154 (32-bit)
- Code execution outside sandbox. Credit to VUPEN
- Use-after-free in Blink bindings
- Code execution outside sandbox. Credit to Anonymous
- Memory corruption in V8
- Directory traversal issue

Google Chrome 33.0.1750.149 (32-bit)
- Use-after-free in speech
- UXSS in events
- Use-after-free in web database. As usual, our ongoing internal security work responsible for a wide range of fixes:
- Potential sandbox escape due to a use-after-free in web sockets
- Multiple vulnerabilities in V8 fixed in version 3.23.17.18

Google Chrome 33.0.1750.146 (32-bit)
- Use-after-free in svg images
- Use-after-free in speech recognition.
- Heap buffer overflow in software rendering
- Chrome allows requests in flash header request. As usual, our ongoing internal security work responsible for a wide range of fixes:
- Various fixes from internal audits, fuzzing and other initiatives
- Multiple vulnerabilities in V8 fixed in version 3.24.35.10

Google Chrome 33.0.1750.117 (32-bit)
- Issue with relative paths in Windows sandbox named pipe policy. Credit to tyranid
- Use-after-free related to web contents. Credit to Khalil Zhani
- Bad cast in SVG. Credit to TheShow3511
- Use-after-free in layout. Credit to cloudfuzzer
- Information leak in XSS auditor. Credit to NeexEmil
- Use-after-free in layout. Credit to cloudfuzzer
- Issue with certificates validation in TLS handshake. Credit to Antoine Delignat-Lavaud and Karthikeyan Bhargavan from Prosecco, Inria Paris
- Information leak in drag and drop. Credit to bishopjeffreys
- Various fixes from internal audits, fuzzing and other initiatives. Of these, seven are fixes for issues that could have allowed for sandbox escapes from compromised renderers

Google Chrome 32.0.1700.107 (32-bit)
- Change log not available for this version

Google Chrome 32.0.1700.102 (32-bit)
- Mouse Pointer disappears after exiting full-screen mode
- Drag and drop files into Chrome may not work properly
- Quicktime Plugin crashes in Chrome
- Chrome becomes unresponsive
- Trackpad users may not be able to scroll horizontally
- Scrolling does not work in combo box
- Chrome does not work with all CSS minifiers such as whitespace around a media query's `and` keyword
- This update includes 14 security fixes

Google Chrome 32.0.1700.76 (32-bit)
- Tab indicators for sound, webcam and casting
- A different look for Win8 Metro mode
- Automatically blocking malware files
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance
- Flash Player has been updated to version 12.0.0.41
- This update includes 11 security fixes

Google Chrome 31.0.1650.63 (32-bit)
- Session fixation in sync related to 302 redirects
- Use-after-free in editing
- Address bar spoofing related to modal dialogs
- Various fixes from internal audits, fuzzing and other initiatives
- Buffer overflow in v8. This issue was fixed in v8 version 3.22.24.7
- Out of bounds write in v8. This issue was fixed in v8 version 3.22.24.7

Google Chrome 31.0.1650.57 (32-bit)
- Fixed multiple memory corruption issues

Google Chrome 30.0.1599.69
- Tabs freeze up 
- Lag in some games/GPU issues with certain monitors

Google Chrome 30.0.1599.66
- Easier searching by image
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance



Join our mailing list

Stay up to date with latest software releases, news, software discounts, deals and more