Chrome の Flash Player NPAPI と PPAPI を切り替えて使えるようにする方法

  • このエントリーをはてなブックマークに追加
selection_1

Google Chrome の NPAPI プラグインを有効化する方法

グーグル社のWebブラウザー「Google Chrome」は、バージョン 42.0.2311.90 より NPAPIプラグインは全てデフォルトで無効化されていますので、まずそれを有効化します。

試しに、アップデート直後の クローム のアドレスバーに、
chrome://plugins/
と入力すると、プラグイン一覧にアクセスできますが、この時、PPAPI のプラグイン群だけが表示されて、NPAPI のプラグイン群は何も表示されていません。

フラッシュプレイヤー の表示を確認すると、

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_2.59.07

Adobe Flash Player – バージョン: 17.0.0.188
名前: Shockwave Flash
説明: Shockwave Flash 17.0 r0
バージョン: 17.0.0.188
場所: C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll
タイプ: PPAPI(プロセス外)
無効にする
MIME タイプ:

MIME タイプ
説明
ファイル拡張子
application/x-shockwave-flash Shockwave Flash .swf
application/futuresplash FutureSplash Player .spl

となっています。(この記事を執筆時点の Chrome のバージョンは、43.0.2357.65 m です。)

 

NPAPIプラグインを有効化する手順

手順 1.
chrome://flags/
と入力して、環境設定画面にアクセスします。
さらに続けて、
chrome://flags/#enable-npapi
と打ち込むと、
お目当ての NPAPI プラグインの設定フラグの項目が、黄色くハイライト表示されます。

Google_Chrome_NPAPI_2015-04-21_23.06.44_1

デフォルトでは、NPAPI は無効化されています。(項目の背景がグレーアウトされ、青字で「有効にする」リンクが表示されている状態)

手順 2.
青色の「有効にする」リンクをクリックする。
(項目の背景が白反転し、青字で「無効にする」リンクが表示されている状態へと変わります。)

Google_Chrome_NPAPI_2015-04-21 23.07.39_1

手順 3.
ブラウザを落として再起動し、フラグの変更を反映させます。

 

 

NPAPI版の Adobe Flash Player をインストールする方法

上記の表示を見てもお分かりの通り、Google Chrome には、初めから Adobe Flash Player (PPAI) が内包されています。そして、Chrome 本体のバージョンアップ時や、セキュリティ更新アップデートを適用した際、同時に、自動的にフラッシュプレイヤーも最新版のパッケージへと更新されていく仕組みになっています。

その為、今まで一度も NPAPI版の Flash Player をインストールしたことがない場合も含めて、NPAPI版の Flash Player をインストールした後、その管理に関しては、今後、(NPAPI版 に関しては) アドビシステムズ社が新バージョンをリリースする度に、自分自身で都度更新(マニュアルアップデート)を実施し、セキュリティ上、最新のバージョンを保っていく必要が生じますので、注意してください。

補足:
Google Chrome のアップデートを適用させる度ごとに、都度、NPAPIプラグインの設定はリセットされ、デフォルト(NPAPI 無効化の状態)に戻りますので、一からセッティングし直す必要が生じます。

また、Google Chrome には、既にちゃんと PPAI 版がデフォルトパッケージされているものに対して、わざわざ NPAPI 版を追加することになるわけですので、当たり前のことですが、それに伴って発生するかもしれない、あらゆる全ての支障/問題/事故/損害等について、当方は一切関知しません。何らの補償責任をも負いません。もしかしたら、今後、何らかのトラブルが発生したりするかもしれませんが、ここから先は、全て、ご自身の全責任の下で行うようにしてください。

手順 1.
アドビシステムズ社の Flash Player 公式ダウンロードサイトにアクセスします。
https://get2.adobe.com/jp/flashplayer/otherversions/

「お使いの Google Chrome ブラウザには、Adobe® Flash® Player ビルトインが既に搭載されています。新バージョンのFlash Player がリリースされると、Google Chrome は自動的にアップデートされます。
Adobe® Flash® Player システムプラグインをダウンロードするか、 説明書を表示してプラグインを有効化してください。
Chrome における Flash Player のデベロッパのための情報を含む拡張サポートについての詳細はこの TechNoteをご覧ください。」
と、表示されますので、

「別のオペレーティングシステムまたはブラウザをお持ちですか?」
のリンクをクリックし、下記のURLに遷移します。
https://get.adobe.com/jp/flashplayer/otherversions/

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_3.25.48_1

OS と ブラウザ を選択することができるダウンロードページに遷移しました。

手順 2.

手順 2.1. “オペレーティングシステムを選択” プルダウンメニューには
Windows 8 / Windows Server 2012
Windows 7 / Vista / XP / 2008 / 2003
Mac OS X 10.6 – 10.10
Linux (64 bit)
Linux (32 bit)
の選択肢があります。

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_3.30.05_1

手順 2.2. “バージョンを選択” プルダウンメニューには、
FP 17 for Opera and Chromium – PPAPI
FP 17 for Internet Explorer – ActiveX
FP 17 for Firefox – NPAPI
の選択肢があります(手順 2.1. で、「Windows 7 / Vista / XP / 2008 / 2003」を選択時)。
ちなみに、FP 17 は、Flash Player 17 の略です。

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_3.30.36_1

ここで、
FP 17 for Firefox – NPAPI」を選択します。
※ Chrome という選択肢は無いので、Firefox を選択します。

手順 2.3. “今すぐダウンロード” (黄色いボタン) を押下します。
flashplayer17_ha_install.exe (NPAPI 版 の フラッシュプレイヤー) をダウンロードできます。

手順 3.
flashplayer17_ha_install.exe をダブルクリックして起動し、ダイアログに従ってインストールを完了します。

 

 

Google Chrome の Flash Player の NPAPI/PPAI を切り替えて使う方法

クロームの「プラグイン一覧(chrome://plugins/)」にアクセスしてみると、以前と同様に、Flash Player の項目に PPAPI版、NPAPI版 の両方(2 files)が表示されていることが分かります。
また、NPAPI が有効化できていることが確認できます。

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_4.00.40

(PPAPI版 の下に追加表示された NPAPI版 の表示)
名前: Shockwave Flash
説明: Shockwave Flash 17.0 r0
バージョン: 17,0,0,188
場所: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
タイプ: NPAPI
MIME タイプ:
無効にする

MIME タイプ
説明
ファイル拡張子
application/x-shockwave-flash Adobe Flash movie .swf
application/futuresplash FutureSplash movie .spl

 

NPAPI版の Flash Player を使いたい場合のセッティング方法

プラグイン一覧(chrome://plugins/)」にアクセスし
タイプ: PPAPI(プロセス外)
の下の、「無効にする」をクリックします。「無効にする」→「有効にする」に変わり、PPAPI版の背景がグレーアウトされ、無効化されます。
タイプ: NPAPI
の下の、「無効にする」はそのままにしておきます。

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_4.08.41_1

PPAPI版:無効
NPAPI版:有効

 

PPAPI版の Flash Player を使いたい場合のセッティング方法

プラグイン一覧(chrome://plugins/)」にアクセスし
タイプ: NPAPI
の下の、「無効にする」をクリックします。「無効にする」→「有効にする」に変わり、NPAPI版の背景がグレーアウトされ、無効化されます。
タイプ: PPAPI(プロセス外)
の下の、「無効にする」はそのままにしておきます。

Chrome_FP_NPAPI_PPAPI_switch_2015-05-20_4.09.06_1

PPAPI版:有効
NPAPI版:無効

 

 

ちなみに、上記で紹介した
chrome://flags/
の設定画面(試験運用機能)の運用に関しては、

これらの試験運用版は問題が発生する可能性があるため、ご利用の際には十分ご注意ください
警告 この試験運用機能は、随時変更、中断、提供中止されることがあります。これらの機能のいずれかを有効にした場合に生じる結果について、Google は一切保証しません。ブラウザによってすべてのデータが削除されたり、予期せぬ方法でセキュリティやプライバシーが侵害されたりする可能性があります。有効にした試験運用機能は同じブラウザを使用する全ユーザーに対して有効になります。続行する場合は十分ご注意ください。 Chrome の新しい機能に関心をお持ちでしたら、chrome.com/beta から Beta チャンネルをお試しください。

というような、注意喚起のアナウンスが掲載されている程なので、基本的にはあまりいじらないほうが良いです。

第一に、Google の意向としては、最終的には NPAPI のサポートを終了させたいわけで、そのための布石としての流れ(移行措置)なので、その時流に無理矢理逆らって設定をいじくるという、(ここまで書いてきて何ですが)こういう悪あがきのような対処法が今後いつまで使えるのかも分かりません。簡単に言ってしまえば、Chrome で、NPAPI プラグインを使い続けられなくなる日がやって来るのは、逃れられない運命であり、必定。もう時間の問題でしかない。初めにも書きましたが、やはり Chrome から別のブラウザに乗り換えるというのが、一番ストレスがない対処方法であることは間違いないです (*^▽^*)

 

関連記事

コメント

    • so-ra
    • 投稿日 (Posted on):

    サイトによっては、
    「npapi プラグインがインストールされていません。ppapi プラグイン 17.0.0.188 がインストールされています。」
    とか
    「お使いのブラウザは flash player plugin (ppapi plugin) が有効となっております。」
    とか・・・etc.
    色々とメッセージが表示されて厄介ですが、全てこの記事のセッティングで解決できますね!

    • so-ra
    • 投稿日 (Posted on):

    現行の Chrome では、「PPAPI 非対応 の NPAPI 限定サイト」をブラウジングする時が、一番困るんですよね。

    • so-ra
    • 投稿日 (Posted on):

    Adobe Flash Player バージョン 18.0.0.160 が、リリースされましたね。
    しかし、ダウンロードページのアイコンが不気味に暗く変わったのが気になる。
    なんっか赤黒い感じ? 変な色。 何色?
    でも偽サイトではないことは確かだった。
    MacOSX のダウンロードファイル(NPAPI)は AdobeFlashPlayer_18au_a_install.dmg
    (ちなみに、PPAPIは AdobeFlashPlayer_18ppau_a_install.dmg)
    インストール完了後、システム環境設定のアイコンまで、赤黒くなっちゃった (^_^;)

      • so-ra
      • 投稿日 (Posted on):

      バージョンが 17 から 18 に上がったので、一応、確認。
      (http://www.adobe.com/jp/products/flashplayer/tech-specs.html)
      必要システム構成:
      Windows
      2.33GHz以上のx86互換プロセッサー(ネットブックではインテル® Atom™ 1.6GHz以上のプロセッサー)
      32-bit版および64-bit版:Microsoft® Windows® XP、Windows Vista®、Windows 7、Windows 8.x
      Internet Explorer 8.0以降、最新バージョンのMozilla Firefox、Google Chrome、Opera
      512MB以上のRAM(ネットブックでは1GB以上を推奨)、128MB以上のグラフィックメモリ

      Mac OS
      インテルCore™ Duo 1.83GHz以上のプロセッサー
      Mac OS X v10.6以降
      最新バージョンのSafari、Mozilla Firefox、Google Chrome、Opera
      512MB以上のRAM、128MB以上のグラフィックメモリ

      Linux
      2.33GHz以上のx86互換プロセッサー(ネットブックではインテルAtom 1.6GHz以上のプロセッサー)
      Red Hat® Enterprise Linux®(RHEL)5.6以降(32-bit版および64-bit版)、openSUSE® 11.3以降(32-bit版および64-bit版)、Ubuntu 10.04以降(32-bit版および64-bit版)
      最新バージョンのFirefox、Google Chrome
      512MB以上のRAM、128MB以上のグラフィックメモリ
      ご注意:Flash Player 11.2は、Linuxに対応するFlash Playerの最新バージョンです。アドビはセキュリティアップデートを引き続き提供します。

      保護されたコンテンツを再生するためにAdobe Accessクライアント
      Windows:Microsoft Windows XP(32-bit版)、Windows Vista(32-bit版および64-bit版)、Windows 7(32-bit版および64-bit版)、Windows 8.x
      Mac OS:Mac OS X v10.6以降
      Linux:openSUSE 11.3以降(32-bit版および64-bit版)、RHEL 5.6以降(32-bit版および64-bit版)、Ubuntu 10.04以降(32-bit版および64-bit版)
      ご注意:Ubuntu Linuxには、libhal(Hardware Abstraction Layer)が必要です。保護されたコンテンツを再生するために、halをインストールしてください。

      製品情報:
      Adobe® Flash® Player は軽量ブラウザプラグインおよび豊富なインターネットアプリケーションランタイムであり、一貫性と魅力のあるユーザ-エクスペリエンス、優れた音声/動画再生機能、および高度なゲームプレイを提供します。
      13 億台以上のシステムにインストールされている Flash Player は、高インパクトの豊富な Web コンテンツを提供する標準プログラムです。

      • so-ra
      • 投稿日 (Posted on):

      Windows Vista 32bit で確認した結果
      Internet Explorer : flashplayer18ax_ra_install.exe
      Firefox : flashplayer18_ha_install.exe

      Adobe AIR の更新もお忘れなく〜。といっても自動検出(マニュアルアップデート機能無し)なので、当該プログラムを起動した時にダイアログが出る仕組みなんだったっけか。→ そうですね。更新通知が出ました(18.0.0.144)。AIR のアイコンも赤黒く変わっていた (^O^)

      Windows 7 64bit で確認した結果
      Internet Explorer : flashplayer18ax_ce_install.exe
      Firefox : flashplayer18_ha_install.exe
      Chrome (NPAPI版 手動ダウンロード) : flashplayer18_ha_install.exe

      ※今更、気付いたこと (Windows環境 の話です)
      Chrome (NPAPI版 手動ダウンロード&インストール完了) を行った後、Firefox で バージョンチェックをしてみたところ(Flash Player ヘルプ https://helpx.adobe.com/jp/flash-player.html)、なぜか、すでに最新バージョンに更新された状態になっていた。これからアップデートしようとしていたので、おや? っと・・・。
      ということは、Flash Player 18 の Windows用では、Firefox用 と Chrome用 で、内部的にNPAPI版は共用されている(というか、同じもの)ということなのだろうけれど。あれ〜、でも、これって「今さら」のことなんだっけか・・・。確か、17 の時には、毎回(毎月)、例え NPAPIであっても、Firefox と Chrome に対して、それぞれいちいちアップデート作業をしていたような記憶があるので。まあ、記憶力には自信がないけど。

        • so-ra
        • 投稿日 (Posted on):

        Google Chrome のバージョンアップ(セキュリティアップデート)を適用してソフトウェア更新した際に、Flash Player (PPAPI, NPAPI の両方) が更新されるようになっているのか(NPAPI plug-in が無効になっている状態でも)? もしそうだとしたら、表向き NPAPI がデフォルト無効になっている割りには、気が利いている挙動かと。

    • so-ra
    • 投稿日 (Posted on):

    chrome://flags/#enable-npapi
    NPAPI を 有効にする の項目に、以下の文言が追記されていました(バージョン 43.0.2357.124 m で確認)。
    「このフラグは Chrome 45 で削除され、NPAPI もサポートされなくなります。g.co/npapi(リンク先は英語)をご覧ください。」
    というわけで、短縮URLの先へ ↓
    NPAPI deprecation: developer guide
    (https://www.chromium.org/developers/npapi-deprecation)

    そして、ちょっと抜粋。

    January 2015
    Currently Chrome supports NPAPI plugins, but they are blocked by default unless the user chooses to allow them for specific sites (via the page action UI). A small number of the most popular plugins are whitelisted and allowed by default. In January 2015 we will remove the whitelist, meaning all plugins will be blocked by default. Even though users will be able to let NPAPI plug-ins run by default in January, we encourage developers to migrate of off NPAPI as soon as possible. Support for NPAPI will be completely removed from Chrome by September 2015.

    April 2015
    In April 2015 (Chrome 42) NPAPI support will be disabled by default in Chrome and we will unpublish extensions requiring NPAPI plugins from the Chrome Web Store. All NPAPI plugins will appear as if they are not installed, as they will not appear in the navigator.plugins list nor will they be instantiated (even as a placeholder). Although plugin vendors are working hard to move to alternate technologies, a small number of users still rely on plugins that haven’t completed the transition yet. We will provide an override for advanced users (via chrome://flags/#enable-npapi) and enterprises (via Enterprise Policy) to temporarily re-enable NPAPI (via the page action UI) while they wait for mission-critical plugins to make the transition. In addition, setting any of the plugin Enterprise policies (e.g. EnabledPlugins, PluginsAllowedForUrls) will temporarily re-enable NPAPI.

    September 2015
    In September 2015 (Chrome 45) we will remove the override and NPAPI support will be permanently removed from Chrome. Installed extensions that require NPAPI plugins will no longer be able to load those plugins.

    英語ですが、興味深いのは、最後のところ。
    「2015年9月(クローム45)において、我々は、クロームからNPAPIのサポートを永久に削除する。NPAPIプラグインを必要とするインストールされた拡張機能は、もはやそれらのプラグインをロードすることができなくなる。」
    なるほど、クロームで 完全に NPAPI が使えなくなる日まで、もう残り3ヵ月くらいなのか。余命3ヵ月。

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome

    Original release date: June 22, 2015
    Google has released Chrome version 43.0.2357.130 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to obtain sensitive information.

    Users and administrators are encouraged to review the Chrome Releases Page(http://googlechromereleases.blogspot.jp/2015/06/chrome-stable-update.html) and apply the necessary updates.

    • so-ra
    • 投稿日 (Posted on):

    The stable channel has been updated to 43.0.2357.132 for Windows, Mac, and Linux.
    A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/43.0.2357.130..43.0.2357.132?pretty=fuller&n=10000)

      • so-ra
      • 投稿日 (Posted on):

      このアップデートによって、同梱のフラッシュプレイヤープラグイン【タイプ: PPAPI(プロセス外)】も 18.0.0.203 へとアップデートされます。対象はデフォルト有効のPPAPI版のみで、無効化されているNPAPI版は 18.0.0.194 のままです。
      Adobe Flash Player – バージョン: 18.0.0.203
      Shockwave Flash 18.0 r0
      名前: Shockwave Flash
      説明: Shockwave Flash 18.0 r0
      バージョン: 18.0.0.203
      場所: C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll
      タイプ: PPAPI(プロセス外)
      MIME タイプ:
      MIME タイプ 説明 ファイル拡張子
      application/x-shockwave-flash Shockwave Flash .swf
      application/futuresplash FutureSplash Player .spl

    • so-ra
    • 投稿日 (Posted on):

    The stable channel has been updated to 43.0.2357.134 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (18.0.0.209) and a fix for a full screen casting issue. A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/43.0.2357.132..43.0.2357.134?pretty=fuller&n=10000)

      • so-ra
      • 投稿日 (Posted on):

      このアップデートによって、同梱のフラッシュプレイヤープラグイン【タイプ: PPAPI(プロセス外)】も 18.0.0.209 へとアップデートされます。対象は PPAPI版のみで、NPAPI版は 18.0.0.203 のままです。

      ※発見したこと
      Chrome アップデート適用する前に、プラグイン設定画面上で、フラッシュプレイヤーの NPAPI と PPAPI の両方を有効化した状態にしておいた場合、Chrome アップデート適用後も、フラッシュプレイヤーの NPAPI と PPAPI の両方が有効化された状態が維持されていた。

      Adobe Flash Player – バージョン: 18.0.0.209
      Shockwave Flash 18.0 r0
      名前: Shockwave Flash
      説明: Shockwave Flash 18.0 r0
      バージョン: 18.0.0.209
      場所: C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\PepperFlash\pepflashplayer.dll
      タイプ: PPAPI(プロセス外)
      MIME タイプ:
      MIME タイプ 説明 ファイル拡張子
      application/x-shockwave-flash Shockwave Flash .swf
      application/futuresplash FutureSplash Player .spl

      ※Firefox を併用している場合
      Firefoxのフラッシュプレイヤー(NPAPI)更新と共に、クロームのNPAPI版がアップデートされた。共有されている。

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: July 21, 2015
    Google has released Chrome version 44.0.2403.89 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.

    Users and administrators are encouraged to review the Chrome Releases page (http://googlechromereleases.blogspot.jp/2015/07/stable-channel-update_21.html) and apply the necessary update.

      • so-ra
      • 投稿日 (Posted on):

      The Chrome team is delighted to announce the promotion of Chrome 44 to the stable channel for Windows, Mac and Linux. Chrome 44.0.2403.89 contains a number of fixes and improvements, including:
      A number of new apps/extension APIs
      Lots of under the hood changes for stability and performance
      A list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 44.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 43 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$3000][446032] High CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer.
      [$3000][459215] High CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft.
      [$TBD][461858] High CVE-2015-1274: Settings allowed executable files to run immediately after download. Credit to andrewm.bpi.
      [$7500][462843] High CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte) of Baidu X-Team.
      [$TBD][472614] High CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne.
      [$5500][483981] High CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon.
      [$5000][486947] High CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer.
      [$1000][487155] High CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa.
      [$TBD][487928] High CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva.
      [$TBD][492052] High CVE-2015-1283: Heap-buffer-overflow in expat. Credit to sidhpurwala.huzaifa.
      [$2000][493243] High CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen of OUSPG.
      [$7500][504011] High CVE-2015-1286: UXSS in blink. Credit to anonymous.
      [$1337][419383] Medium CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor.
      [$1000][444573] Medium CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen of OUSPG.
      [$500][451456] Medium CVE-2015-1272: Use-after-free related to unexpected GPU process termination. Credit to Chamal de Silva.
      [479743] Medium CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined.
      [$500][482380] Medium CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva.
      [$1337][498982] Medium CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes.
      [$500][479162] Low CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to mike@michaelruddy.com.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:
      [512110] CVE-2015-1289: Various fixes from internal audits, fuzzing and other initiatives.

      Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

      Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

      Penny MacNeil
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    The stable channel has been updated to 44.0.2403.107 for Windows, Mac and Linux. A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/44.0.2403.89..44.0.2403.107?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel has been updated to 44.0.2403.125 for Windows, Mac and Linux. A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/44.0.2403.107..44.0.2403.125?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 44.0.2403.130 for Windows, Mac, and Linux. A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/44.0.2403.125..44.0.2403.130?pretty=fuller&n=10000)

      • so-ra
      • 投稿日 (Posted on):

      今回のアップデートでは、アップデート前にNPAPIが有効化してあっても、適用→再起動後、NPAPIが無効の状態に戻りました。

    • so-ra
    • 投稿日 (Posted on):

    The stable channel has been updated to 44.0.2403.155 for Windows, Mac, and Linux. A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/44.0.2403.130..44.0.2403.155?pretty=fuller&n=10000)

      • so-ra
      • 投稿日 (Posted on):

      今回のアップデートでは、Adobe Flash Player (PPAPI)が 18,0,0,232 にバージョンアップするはずだが、日本時間 2015/08/12 22:30 現在、Chrome のアップデートができない。「バージョン 44.0.2403.130 m Google Chrome は最新版です。」と表示され、Adobe Flash Player (PPAPI)は 18.0.0.209 のままである。

        • so-ra
        • 投稿日 (Posted on):

        日本時間 2015/08/13 10:17 更新完了
        Adobe Flash Player (PPAPI)が 18,0,0,232 にバージョンアップした。
        今回のアップデートでは、アップデート前に NPAPI が有効化してあった場合、適用→再起動後、NPAPIが有効の状態のまま。
        Chrome PPAPI
        名前: Shockwave Flash 18.0 r0
        バージョン: 18.0.0.232
        場所: C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
        MIME タイプ:
        application/x-shockwave-flash Shockwave Flash .swf
        application/futuresplash FutureSplash Player .spl

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 44.0.2403.157 for Windows, Mac, and Linux. A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/44.0.2403.155..44.0.2403.157?pretty=fuller&n=10000)

      • so-ra
      • 投稿日 (Posted on):

      今回のアップデートでは、アップデート前に NPAPI が有効化してあった場合、適用→再起動後、NPAPIが有効の状態のまま。

    • so-ra
    • 投稿日 (Posted on):

    The Chrome team is delighted to announce the promotion of Chrome 45 to the stable channel for Windows, Mac and Linux.

    Chrome 45.0.2454.85 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 45.

    Security Fixes and Rewards

    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    This update includes 29 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

    [$7500][516377] High CVE-2015-1291: Cross-origin bypass in DOM. Credit to anonymous.
    [$7500][522791] High CVE-2015-1292: Cross-origin bypass in ServiceWorker. Credit to Mariusz Mlynski.
    [$7500][524074] High CVE-2015-1293: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
    [$5000][492263] High CVE-2015-1294: Use-after-free in Skia. Credit to cloudfuzzer.
    [$3000][502562] High CVE-2015-1295: Use-after-free in Printing. Credit to anonymous.
    [$1000][421332] High CVE-2015-1296: Character spoofing in omnibox. Credit to zcorpan.
    [$3000][510802] Medium CVE-2015-1297: Permission scoping error in WebRequest. Credit to Alexander Kashev.
    [$3000][518827] Medium CVE-2015-1298: URL validation error in extensions. Credit to Rob Wu.
    [$2000][416362] Medium CVE-2015-1299: Use-after-free in Blink. Credit to taro.suzuki.dev.
    [$1000][511616] Medium CVE-2015-1300: Information leak in Blink. Credit to cgvwzq.

    We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

    As usual, our ongoing internal security work was responsible for a wide range of fixes:
    [526825] CVE-2015-1301: Various fixes from internal audits, fuzzing and other initiatives.
    Multiple vulnerabilities in V8 fixed at the tip of the 4.5 branch (currently 4.5.103.29).

    Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

    Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

    Vivian Zhi
    Google Chrome

      • so-ra
      • 投稿日 (Posted on):

      今回のアップデート後のバージョンでは、遂に NPAPI プラグインのサポートが完全に消えて無くなった。アップデート前に NPAPI が有効化してあった場合であっても、アップデート適用 → ブラウザ再起動後、NPAPIを有効にするための環境設定画面(であった) chrome://flags/ にアクセスしてみましたが、enable-npapi の項目が削除された状態になっていた。

      • so-ra
      • 投稿日 (Posted on):

      Google Releases Security Update for Chrome
      Original release date: September 01, 2015
      Google has released Chrome version 45.0.2454.85 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.
      US-CERT encourages users and administrators to review the Chrome Releases page (http://googlechromereleases.blogspot.jp/2015/09/stable-channel-update.html) and apply the necessary update.

        • so-ra
        • 投稿日 (Posted on):

        NPAPI 葬送の序曲

        遂に、Google Chrome の NPAPI のサポートが完全に終了ですか・・

    • 00
    • 投稿日 (Posted on):

    コマンドとか右クリックでコピーできるようにしとけよ
    使えねー糞バカ

      • so-ra
      • 投稿日 (Posted on):

      そもそも、コマンドなんか、このページに載せてねえし。
      キーボードもまともに打てないヤツを相手に書いてるわけじゃない。偉そうなコメントさらすな。

      まあ、最新の Google Chrome (v45 以降) では、もう NPAPI 使えないので、お前の存在のように、もう意味ない(笑)
      それを知らなかった君にわざわざ教えてあげてる相手を罵るアホの方が、よっぽど“使えねーくそばか”だ (^_^)v

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 45.0.2454.93 for Windows, Mac, and Linux. A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/45.0.2454.85..45.0.2454.93?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 45.0.2454.99 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (19.0.0.185). A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/45.0.2454.93..45.0.2454.99?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    2015/09/25
    The stable channel of Google Chrome has been updated to 45.0.2454.101 for Windows, Mac, and Linux.

    Security Fixes and Rewards

    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix.

    The following bugs from external security researchers were fixed in this release:
    [$TBD][530301] High CVE-2015-1303: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
    [$TBD][531891] High CVE-2015-1304: Cross-origin bypass in V8. Credit to Mariusz Mlynski.

    • so-ra
    • 投稿日 (Posted on):

    2015/10/14
    The Chrome team is delighted to announce the promotion of Chrome 46 to the stable channel for Windows, Mac and Linux.

    Chrome 46.0.2490.71 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 46.

    Security Fixes and Rewards

    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    This update includes 24 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

    [$8837][519558] High CVE-2015-6755: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
    [$6337][507316] High CVE-2015-6756: Use-after-free in PDFium. Credit to anonymous.
    [$3500][529520] High CVE-2015-6757: Use-after-free in ServiceWorker. Credit to Collin Payne.
    [$3000][522131] High CVE-2015-6758: Bad-cast in PDFium. Credit to Atte Kettunen of OUSPG.
    [$1000][514076] Medium CVE-2015-6759: Information leakage in LocalStorage. Credit to Muneaki Nishimura (nishimunea).
    [$1000][519642] Medium CVE-2015-6760: Improper error handling in libANGLE. Credit to lastland.net.
    [$500][447860 & 532967] Medium CVE-2015-6761: Memory corruption in FFMpeg. Credit to Aki Helin of OUSPG and anonymous.
    [$500][512678] Low CVE-2015-6762: CORS bypass via CSS fonts. Credit to Muneaki Nishimura (nishimunea).

    We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

    As usual, our ongoing internal security work was responsible for a wide range of fixes:
    [542517] CVE-2015-6763: Various fixes from internal audits, fuzzing and other initiatives.
    Multiple vulnerabilities in V8 fixed at the tip of the 4.6 branch (currently 4.6.85.23).

    Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

    Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

    Tina Zhou
    Google Chrome
    (http://googlechromereleases.blogspot.jp/2015/10/stable-channel-update.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+GoogleChromeReleases+%28Google+Chrome+Releases%29)

    • so-ra
    • 投稿日 (Posted on):

    2015/10/23
    The stable channel of Google Chrome has been updated to 46.0.2490.80 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (19.0.0.226).
    A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/46.0.2490.71..46.0.2490.80?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    2015/11/11
    The stable channel of Google Chrome has been updated to 46.0.2490.86 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player (19.0.0.245) and security fixes.

    Security Fixes and Rewards

    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    Below, we highlight one fix that was contributed by an external researcher. Please see the Chromium security page for more information.
    (https://sites.google.com/a/chromium.org/dev/Home/chromium-security)

    [$4000][520422] High CVE-2015-1302: Information leak in PDF viewer. Credit to Rob Wu.

    A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/46.0.2490.80..46.0.2490.86?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    2015/12/1
    Google Releases Security Update for Chrome

    Original release date: December 01, 2015
    Google has released Chrome version 47.0.2526.73 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2015/12/stable-channel-update.html)

      • so-ra
      • 投稿日 (Posted on):

      The Chrome team is delighted to announce the promotion of Chrome 47 to the stable channel for Windows, Mac and Linux.

      Chrome 47.0.2526.73 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 47.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 41 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$10000][558589] Critical CVE-2015-6765: Use-after-free in AppCache. Credit to anonymous.
      [$11337][551044] High CVE-2015-6766: Use-after-free in AppCache. Credit to anonymous.
      [$10000][554908] High CVE-2015-6767: Use-after-free in AppCache. Credit to anonymous.
      [$8000][556724] High CVE-2015-6768: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
      [$7500][534923] High CVE-2015-6769: Cross-origin bypass in core. Credit to Mariusz Mlynski.
      [$7500][541206] High CVE-2015-6770: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
      [$7500][544991] High CVE-2015-6771: Out of bounds access in v8. Credit to anonymous.
      [$7500][546545] High CVE-2015-6772: Cross-origin bypass in DOM. Credit to Mariusz Mlynski.
      [$7500][554946] High CVE-2015-6764: Out of bounds access in v8. Credit to Guang Gong of Qihoo 360 via pwn2own.
      [$5000][491660] High CVE-2015-6773: Out of bounds access in Skia. Credit to cloudfuzzer.
      [$5000][549251] High CVE-2015-6774: Use-after-free in Extensions. Credit to anonymous.
      [$3500][529012] High CVE-2015-6775: Type confusion in PDFium. Credit to Atte Kettunen of OUSPG.
      [$3000][457480] High CVE-2015-6776: Out of bounds access in PDFium. Credit to Hanno Böck.
      [$3000][544020] High CVE-2015-6777: Use-after-free in DOM. Credit to Long Liu of Qihoo 360Vulcan Team.
      [$2000][514891] Medium CVE-2015-6778: Out of bounds access in PDFium. Credit to Karl Skomski.
      [$2000][528505] Medium CVE-2015-6779: Scheme bypass in PDFium. Credit to Til Jasper Ullrich.
      [$1000][490492] Medium CVE-2015-6780: Use-after-free in Infobars. Credit to Khalil Zhani.
      [$1000][497302] Medium CVE-2015-6781: Integer overflow in Sfntly. Credit to miaubiz.
      [$1000][536652] Medium CVE-2015-6782: Content spoofing in Omnibox. Credit to Luan Herrera.
      [$1000][537205] Medium CVE-2015-6783: Signature validation issue in Android Crazy Linker. Credit to Michal Bednarski.
      [$500][503217] Low CVE-2015-6784: Escaping issue in saved pages. Credit to Inti De Ceukelaire.
      [$500][534542] Low CVE-2015-6785: Wildcard matching issue in CSP. Credit to Michael Ficarra / Shape Security.
      [$500][534570] Low CVE-2015-6786: Scheme bypass in CSP. Credit to Michael Ficarra / Shape Security.

      We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:
      [563930] CVE-2015-6787: Various fixes from internal audits, fuzzing and other initiatives.
      Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch (currently 4.7.80.23).

      Many of the above bugs were detected using AddressSanitizer or MemorySanitizer.

      Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Vivian Zhi
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    2015/12/8
    Google Releases Security Update for Chrome

    Original release date: December 08, 2015
    Google has released Chrome version 47.0.2526.80 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.
    Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/search/label/Stable%20updates)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel has been updated to 47.0.2526.80 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player (20.0.0.228) and security fixes.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 7 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$5000][548273] High CVE-2015-6788: Type confusion in extensions. Credit to anonymous.
      [$2000][557981] High CVE-2015-6789: Use-after-free in Blink. Credit to cloudfuzzer.
      [$500][542054] Medium CVE-2015-6790: Escaping issue in saved pages. Credit to Inti De Ceukelaire.

      We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:
      [567513] CVE-2015-6791: Various fixes from internal audits, fuzzing and other initiatives.
      Multiple vulnerabilities in V8 fixed at the tip of the 4.7 branch (currently 4.7.80.23).

      Many of the above bugs were detected using AddressSanitizer, MemorySanitizer or Control Flow Integrity.

      A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

      Vivian Zhi
      Google Chrome

      • so-ra
      • 投稿日 (Posted on):

      Adobe Flash Player – バージョン: 20.0.0.228
      Shockwave Flash 20.0 r0
      名前: Shockwave Flash
      説明: Shockwave Flash 20.0 r0
      バージョン: 20.0.0.228
      場所: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll
      タイプ: PPAPI(プロセス外)
      MIME タイプ:
      MIME タイプ 説明 ファイル拡張子
      application/x-shockwave-flash Shockwave Flash .swf
      application/futuresplash FutureSplash Player .spl

    • so-ra
    • 投稿日 (Posted on):

    2015/12/15
    Google Releases Security Update for Chrome

    Original release date: December 15, 2015
    Google has released Chrome version 47.0.2526.106 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.
    Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/search/label/Stable%20updates)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel has been updated to 47.0.2526.106 for Windows, Mac, and Linux.

      Security Fixes

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 2 security fixes as part of our ongoing internal security work:
      [569486] CVE-2015-6792: Fixes from internal audits and fuzzing.

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer or Control Flow Integrity.

      A partial list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

      Vivian Zhi
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    2016/1/13
    The stable channel of Google Chrome has been updated to 47.0.2526.111 for Windows, Mac, and Linux.
    A partial list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/47.0.2526.106..47.0.2526.111?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: January 20, 2016
    Google has released Chrome version 48.0.2564.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/01/stable-channel-update_20.html)

      • so-ra
      • 投稿日 (Posted on):

      The Chrome team is delighted to announce the promotion of Chrome 48 to the stable channel for Windows, Mac and Linux.

      Chrome 48.0.2564.82 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 48.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 37 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$3000][497632] High CVE-2016-1612: Bad cast in V8. Credit to cloudfuzzer.
      [$3000][572871] High CVE-2016-1613: Use-after-free in PDFium. Credit to anonymous.
      [$2000][544691] Medium CVE-2016-1614: Information leak in Blink. Credit to Christoph Diehl.
      [$500][468179] Medium CVE-2016-1615: Origin confusion in Omnibox. Credit to Ron Masas.
      [$500][541415] Medium CVE-2016-1616: URL Spoofing. Credit to Luan Herrera.
      [$500][544765] Medium CVE-2016-1617: History sniffing with HSTS and CSP. Credit to jenuis.
      [$500][552749] Medium CVE-2016-1618: Weak random number generator in Blink. Credit to Aaron Toponce.
      [$500][557223] Medium CVE-2016-1619: Out-of-bounds read in PDFium. Credit to Keve Nagy.

      We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:
      [579625] CVE-2016-1620: Various fixes from internal audits, fuzzing and other initiatives.
      Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch (currently 4.8.271.17).

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer or Control Flow Integrity.

      Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    2016/1/27
    The stable channel of Google Chrome has been updated to 48.0.2564.97 for Windows, Mac, and Linux.
    A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/48.0.2564.82..48.0.2564.97?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    2016/2/3
    The stable channel of Google Chrome has been updated to 48.0.2564.103 for Windows, Mac, and Linux.
    A list of changes is available in the log.
    (https://chromium.googlesource.com/chromium/src/+log/48.0.2564.97..48.0.2564.103?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    チーサポ
    (https://teamsupport.jp/index.html)
    無料のスケジュール共有&出席簿サービス(子供チーム専用)
    チーサポは子供のスポーツチームの運営に必要な機能をひとまとめにした、無料の連絡ツールです。

    • so-ra
    • 投稿日 (Posted on):

    Chromeを更新したらコピペ出来なくなった

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: February 09, 2016
    Google has released Chrome version 48.0.2564.109 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/02/stable-channel-update_9.html)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel of Google Chrome has been updated to 48.0.2564.109 for Windows, Mac, and Linux.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$7500][546677] High CVE-2016-1622: Same-origin bypass in Extensions. Credit to anonymous.
      [$7500][577105] High CVE-2016-1623: Same-origin bypass in DOM. Credit to Mariusz Mlynski.
      [$TBD][583607] High CVE-2016-1624: Buffer overflow in Brotli. Credit to lukezli.
      [$1000][509313] Medium CVE-2016-1625: Navigation bypass in Chrome Instant. Credit to Jann Horn.
      [571480] Medium CVE-2016-1626: Out-of-bounds read in PDFium. Credit to anonymous, working with HP’s Zero Day Initiative.

      As usual, our ongoing internal security work:
      [585517] CVE-2016-1627: Various fixes from internal audits, fuzzing and other initiatives.

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer or Control Flow Integrity.

      A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: February 18, 2016
    Google has released Chrome version 48.0.2564.116 to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
    US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/02/stable-channel-update_18.html)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel of Google Chrome has been updated to 48.0.2564.116 for Windows, Mac, and Linux.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes the following security fix contributed by an external researcher. Please see the Chromium security page for more information.

      [$25,633.7][583431] Critical CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. Credit to anonymous.

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer or Control Flow Integrity.

      A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: March 02, 2016
    Google has released Chrome version 49.0.2623.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/03/stable-channel-update.html)

      • so-ra
      • 投稿日 (Posted on):

      The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux.

      Chrome 49.0.2623.75 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 49.

      Security Fixes and Rewards

      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 26 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$8000][560011] High CVE-2016-1630: Same-origin bypass in Blink. Credit to Mariusz Mlynski.
      [$7500][569496] High CVE-2016-1631: Same-origin bypass in Pepper Plugin. Credit to Mariusz Mlynski.
      [$5000][549986] High CVE-2016-1632: Bad cast in Extensions. Credit to anonymous.
      [$3000][572537] High CVE-2016-1633: Use-after-free in Blink. Credit to cloudfuzzer.
      [$3000][559292] High CVE-2016-1634: Use-after-free in Blink. Credit to cloudfuzzer.
      [$2000][585268] High CVE-2016-1635: Use-after-free in Blink. Credit to Rob Wu.
      [$2000][584155] High CVE-2016-1636: SRI Validation Bypass. Credit to ryan@cyph.com.
      [$500][560291] High CVE-2015-8126: Out-of-bounds access in libpng. Credit to joerg.bornemann.
      [$2000][555544] Medium CVE-2016-1637: Information Leak in Skia. Credit to Keve Nagy.
      [$1000][585282] Medium CVE-2016-1638: WebAPI Bypass. Credit to Rob Wu.
      [$1000][572224] Medium CVE-2016-1639: Use-after-free in WebRTC. Credit to Khalil Zhani.
      [$1000][550047] Medium CVE-2016-1640: Origin confusion in Extensions UI. Credit to Luan Herrera.
      [$500][583718] Medium CVE-2016-1641: Use-after-free in Favicon. Credit to Atte Kettunen of OUSPG.

      We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. An additional $14,500 in rewards were issued for security bugs present on non-stable channels.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:

      [591402] CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives.
      Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26).

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

      Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: March 08, 2016
    Google has released Chrome version 49.0.2623.87 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/03/stable-channel-update_8.html)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel of Google Chrome has been updated to 49.0.2623.87 for Windows, Mac, and Linux.
      Security Fixes and Rewards
      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
      This update includes 3 security fixes that were contributed by external researchers. Please see the Chromium security page for more information.
      [$5000][589838] High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
      [$3500][590620] High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
      [587227] High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP’s Zero Day Initiative.
      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.
      A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    Google Releases Security Update for Chrome
    Original release date: March 24, 2016
    Google has released Chrome version 49.0.2623.108 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
    US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
    (http://googlechromereleases.blogspot.jp/2016/03/stable-channel-update_24.html)

      • so-ra
      • 投稿日 (Posted on):

      The stable channel of Google Chrome has been updated to 49.0.2623.108 for Windows, Mac, and Linux.

      Security Fixes and Rewards
      Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

      This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

      [$7500][594574] High CVE-2016-1646: Out-of-bounds read in V8. Credit to Wen Xu from Tencent KeenLab.
      [$5500][590284] High CVE-2016-1647: Use-after-free in Navigation. Credit to anonymous.
      [$5000][590455] High CVE-2016-1648: Use-after-free in Extensions. Credit to anonymous.
      [595836] High CVE-2016-1649: Buffer overflow in libANGLE. Credit to lokihardt working with HP’s Zero Day Initiative / Pwn2Own.

      As usual, our ongoing internal security work was responsible for a wide range of fixes:
      [597518] CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives.
      Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.33).

      Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

      A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

      Krishna Govind
      Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 49.0.2623.110 for Windows, Mac, and Linux.
    A list of changes is available in the log. (https://chromium.googlesource.com/chromium/src/+log/49.0.2623.108..49.0.2623.110?pretty=fuller&n=10000)Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
    Krishna Govind
    Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 49.0.2623.112 for Windows, Mac, and Linux.
    A list of changes is available in the log.(https://chromium.googlesource.com/chromium/src/+log/49.0.2623.110..49.0.2623.112?pretty=fuller&n=10000) Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
    Krishna Govind
    Google Chrome

    • so-ra
    • 投稿日 (Posted on):

    The Chrome team is delighted to announce the promotion of Chrome 50 to the stable channel for Windows, Mac and Linux.
    Chrome 50.0.2661.75 contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 50.

    Security Fixes and Rewards
    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    This update includes 20 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

    [$7500][590275] High CVE-2016-1652: Universal XSS in extension bindings. Credit to anonymous.
    [$5000][589792] High CVE-2016-1653: Out-of-bounds write in V8. Credit to Choongwoo Han.
    [591785] Medium CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding. Credit to kdot working with HP’s Zero Day Initiative.
    [$1500][589512] Medium CVE-2016-1654: Uninitialized memory read in media. Credit to Atte Kettunen of OUSPG.
    [$1500][582008] Medium CVE-2016-1655: Use-after-free related to extensions. Credit to Rob Wu.
    [$500][570750] Medium CVE-2016-1656: Android downloaded file path restriction bypass. Credit to Dzmitry Lukyanenko.
    [$1000][567445] Medium CVE-2016-1657: Address bar spoofing. Credit to Luan Herrera.
    [$500][573317] Low CVE-2016-1658: Potential leak of sensitive information to malicious extensions. Credit to Antonio Sanso (@asanso) of Adobe.

    We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. The total value of additional rewards and their recipients will updated here when all reports have gone through the reward panel.

    As usual, our ongoing internal security work was responsible for a wide range of fixes:
    [602697] CVE-2015-1659: Various fixes from internal audits, fuzzing and other initiatives.

    Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

    Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

    Krishna Govind
    Google Chrome

      • so-ra
      • 投稿日 (Posted on):

      Google Releases Security Update for Chrome
      Original release date: April 13, 2016
      Google has released Chrome version 50.0.2661.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
      Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.
      (http://googlechromereleases.blogspot.jp/2016/04/stable-channel-update_13.html)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 50.0.2661.86 for Mac and Linux, the update for Windows will follow soon.
    A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
    Krishna Govind
    Google Chrome
    (https://chromium.googlesource.com/chromium/src/+log/50.0.2661.75..50.0.2661.86?pretty=fuller&n=10000)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 50.0.2661.94 for Windows, Mac, and Linux.

    Security Fixes and Rewards

    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    This update includes 9 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

    [$3000][574802] High CVE-2016-1660: Out-of-bounds write in Blink. Credit to Atte Kettunen of OUSPG.
    [$3000][601629] High CVE-2016-1661: Memory corruption in cross-process frames. Credit to Wadih Matar.
    [$3000][603732] High CVE-2016-1662: Use-after-free in extensions. Credit to Rob Wu.
    [$3000][603987] High CVE-2016-1663: Use-after-free in Blink’s V8 bindings. Credit to anonymous.
    [$1000][597322] Medium CVE-2016-1664: Address bar spoofing. Credit to Wadih Matar.
    [$1000][606181] Medium CVE-2016-1665: Information leak in V8. Credit to gksgudtjr456.

    We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

    As usual, our ongoing internal security work was responsible for a wide range of fixes:

    [607652] CVE-2015-1666: Various fixes from internal audits, fuzzing and other initiatives.

    Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

    A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

    Krishna Govind
    Google Chrome

      • so-ra
      • 投稿日 (Posted on):

      Google Releases Security Update for Chrome
      Original release date: April 28, 2016
      Google has released Chrome version 50.0.2661.94 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
      US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
      (http://googlechromereleases.blogspot.jp/2016/04/stable-channel-update_28.html)

    • so-ra
    • 投稿日 (Posted on):

    Mac OS X 10.6, 10.7, 10.8 はサポートされなくなったため、このパソコンでは今後Google Chromeのアップデートは受信されません。(https://chrome.googleblog.com/2015/11/updates-to-chrome-platform-support.html)

    • so-ra
    • 投稿日 (Posted on):

    The stable channel of Google Chrome has been updated to 50.0.2661.102 for Windows, Mac, and Linux.

    Security Fixes and Rewards
    Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

    This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chromium security page for more information.

    [$8000][605766] High CVE-2016-1667: Same origin bypass in DOM. Credit to Mariusz Mlynski.
    [$7500][605910] High CVE-2016-1668: Same origin bypass in Blink V8 bindings. Credit to Mariusz Mlynski.
    [$3000][606115] High CVE-2016-1669: Buffer overflow in V8. Credit to Choongwoo Han.
    [$1337][578882] Medium CVE-2016-1670: Race condition in loader. Credit to anonymous.
    [$500][586657] Medium CVE-2016-1671: Directory traversal using the file scheme on Android. Credit to Jann Horn.

    We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

    Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer.

    A list of changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

    Krishna Govind
    Google Chrome

      • so-ra
      • 投稿日 (Posted on):

      Google Releases Security Update for Chrome
      Original release date: May 11, 2016
      Google has released Chrome version 50.0.2661.102 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
      Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.

  1. この記事へのトラックバックはありません。

*

人気記事ランキング

  • SEOブログパーツ
ページ上部へ戻る