Google closed a total of 38 security holes in Chrome 84. A vulnerability was rated as “critical”. In most cases, attackers could provoke memory errors. This suggests that attackers could push malicious code through the loopholes and execute it. The current version is available for Linux, macOS and Windows.
With Chrome 84, Google has finally switched off the TLS 1.0 / 1.1 encryption protocols, which have long been considered insecure. This should actually happen with Chrome 81, because of the Corona crisis, the developers have postponed the shutdown. The reason for this is that some US government websites still rely on the outdated protocols. If you now visit a website with TLS 1.0 / 1.1, a warning appears that, for example, log-in data entered on the page is transmitted unsecurely. In addition, Chrome now warns when transferring mixed-content content that the browser loads unencrypted via HTTP. Also new is a warning on fraudulent websites that visitors want to use the browser’s notification function to fill them with spam messages.