Google Chrome 72: Deprecates TLS 1.0 And 1.1

  • 173
  •  
  •  
  • 1
  •  
  •  
  •  
    174
    Shares

Google has rolled out the latest version of their Chrome browser for all compatible operating systems. The new Google Chrome 72 release holds significance as it brings major updates with it. Not only it fixes tens of security vulnerabilities but also deprecates TLS 1.0 and TLS 1.1.

Google Chrome 72 Deprecates TLS 1.0 And TLS 1.1

Google has released its latest version of Chrome browser for Windows, Linux, Android, and Mac. They have brought some major changes in the underlying Web API and protocols with Google Chrome 72. Google has already announced these changes in December 2018, and now, they have materialized them all with Chrome 72.

The most important change with this version is the deprecation of TLS 1.0 and 1.1. Google has highlighted several weaknesses in TLS 1.0 and 1.1 that compel Chrome for deprecation. They further stated,

“Supporting TLS 1.2 is a prerequisite to avoiding the above problems. The TLS working group has deprecated TLS 1.0 and 1.1.”

As revealed, this deprecation will eventually lead to complete removal of TLS 1.0 and 1.1 by early 2020, supposedly with Chrome 81.

58 Security Flaws Also Patched

Google Chrome 72 also brings fixes for 58 different security flaws. As stated by Google,

“Chrome 72.0.3626.81 contains a number of fixes and improvements… This update includes 58 security fixes.”

These include a critical vulnerability (CVE-2019-5754) that existed because of “Inappropriate implementation in QUIC Networking”, 17 high severity vulnerabilities, 12 medium severity, and 4 low severity flaws. The researcher who reported the critical vulnerability earned $7500 as bug bounty.

Other Important Changes

In addition to the above updates, Chrome 72 also brings a lot more API changes. One such important update is the deprecation of PaymentAddress.languageCode in the Payment Request API with a target for complete removal by Chrome 74.

Besides, other significant changes include the removal of rendering FTP resources, removal of HPKP (HTTP-Based Public Key Pinning) and blocking pages from using window.open() API to disallow popup windows.

Users of Google Chrome should, hence, ensure updating their devices with the latest Chrome browser versions.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!