Google on Tuesday released Chrome version 27 for Windows, Mac, and Linux. The new version features a big boost to page loads (now 5 percent faster on average) as well as significant updates for developers. You can update to the latest release now using the browser’s built-in silent updater, or download it directly from google.com/chrome.
The speed improvement is thanks to the introduction of “smarter behind-the-scenes resource scheduling,” according to Google. At first, Web content appearing on the screen 5 percent faster on average may not seem like a huge difference, but when you realize how quickly pages load on Chrome already, it’s a big jump. Starting with this release, the scheduler more aggressively uses an idle connection and demotes the priority of preloaded resources so that they don’t interfere with critical assets.
The Sync FileSystem API is a new offline storage application programming interface for Chrome packaged apps which automatically synchronizes stored data across clients via Google Drive. The files are stored in private sandboxes and can be manipulated with the HTML5 File API and FileSystem API (sample app).
Google also notes a few other enhancements in this release: improved ranking of predictions, improved spell correction, and numerous fundamental improvements for Omnibox predictions. If you’re worried about the company tracking your information, you’ll want to read Logging policies for Chrome Instant.
As in previous releases, Google also included the usual bug fixes, a new version of V8, and so on in Chrome version 27.0.1453.93. For more details, you can check out the full SVN revision log.
Last but certainly not least, Chrome 27 also addresses 14 security holes (11 rated High, two marked Medium, and one considered Low):
- [$1000] [235638] High CVE-2013-2837: Use-after-free in SVG. Credit to Sławomir Błażek.
- [$500] [235311] Medium CVE-2013-2838: Out-of-bounds read in v8. Credit to Christian Holler.
- [$1500] [230176] High CVE-2013-2839: Bad cast in clipboard handling. Credit to Jon of MWR InfoSecurity.
- [$1000] [230117] High CVE-2013-2840: Use-after-free in media loader. Credit to Nils of MWR InfoSecurity.
- [$1000] [227350] High CVE-2013-2841: Use-after-free in Pepper resource handling. Credit to Chamal de Silva.
- [$2000] [226696] High CVE-2013-2842: Use-after-free in widget handling. Credit to Cyril Cattiaux.
- [$1000] [222000] High CVE-2013-2843: Use-after-free in speech handling. Credit to Khalil Zhani.
- [$1000] [196393] High CVE-2013-2844: Use-after-free in style resolution. Credit to Sachin Shinde (@cons0ul).
- [$3133.7] [188092] [179522] [222136] [188092] High CVE-2013-2845: Memory safety issues in Web Audio. Credit to Atte Kettunen of OUSPG.
- [$1000] [177620] High CVE-2013-2846: Use-after-free in media loader. Credit to Chamal de Silva.
- [$1000] [176692] High CVE-2013-2847: Use-after-free race condition with workers. Credit to Collin Payne.
- [$500] [176137] Medium CVE-2013-2848: Possible data extraction with XSS Auditor. Credit to Egor Homakov.
- [171392] Low CVE-2013-2849: Possible XSS with drag+drop or copy+paste. Credit to Mario Heiderich.
- [241595] High CVE-2013-2836: Various fixes from internal audits, fuzzing and other initiatives.
Google thus spent a whopping $14,633.70 in bug bounties this release and fixed three more security bugs compared to the previous Chrome release. These fixes alone should push Chrome users to upgrade as soon as possible.
Top Image credit: casasroger/Flickr
Get the TNW newsletter
Get the most important tech news in your inbox each week.