Chrome 58 Rolling Out to Mac, Windows, & Linux, Lacks Touch Bar Support for MacBook Pro
Google has started rolling out Chrome 58 update to Mac, Windows, and Linux. This version of Chrome brings a variety of new features for developers along with the usual security fixes. Many users were expecting Chrome 58 to include support for the Touch Bar on the MacBook Pro, but it does not appear in this update. There are fair chances that Google might add the support in the incremental update.
The Touch Bar keys on MacBook Pro are like a panel of shortcuts given in a horizontal strip. It includes controls for adding a bookmark, refresh, moving forward and backward, instant access to Omnibox, and much more. Sadly, Chrome 58 does not bring support in this initial update.
Other than the lack of support for Touch Bar, the Chrome 58 update does not fall short on other features. It brings full support for IndexedDB 2.0, which makes the browser good at handling large data files. Also, there are other methods as well that will make Chrome faster with Chrome 58, such as the new schema management, bulk action methods, and more standardized handling of failures. There also a small change that comes along with Chrome 58 and it enables developers to customize Chrome’s native media control buttons for downloading, full screen, and playback.
Chrome 58 also brings improvements to iframes. It now handles third-party content like advertising that redirects users to a new page automatically, with Chrome 58 this behaviour has been taken care of, as developers can now put third-party content inside sandboxed iframes. For some advertisements, there is a new iframe sandbox that navigates and lets ads be moved to the top of the page by the user. It also brings changes for Progressive Web Apps on Android, these apps can now go completely full screen and hide the status and navigation bar. With this, users can now get a better and more immersive viewing experience.
Regarding security, Chrome 58 update squashes a total 29 bugs. Here are the bugs that were found by external developers, each developer was awarded prize money for the discovery. Google spent $14000 for these bug bounties.
[$3000] High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
[$2000] High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
[$N/A] High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro’s Zero Day Initiative
[$2000] Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
[$2000] Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
[$1500] Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
[$1000] Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
[$1000] Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
[$500] Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
[$500] Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
[$500] Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
[$N/A] Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
 Various fixes from internal audits, fuzzing and other initiatives
For now, Chrome 58 update is limited to desktops. Google will soon roll it out for Android and Chrome OS. You can learn more about IndexedDB 2.0, display: fullscreen and new options for sandboxed iframes on Chrome 58 by watching this video:
Stay in the loop
GET A DAILY DIGEST OF LATEST TECHNOLOGY NEWS
Straight to your inbox
Subscribe to our newsletter