Chrome 47 stable has the #enable-ppapi-win32k-lockdown flag(disabled by default). This will protect against a succesfully exploited plugin being used as a stepping stone for a kernel exploit in win32k, as was seen in the Hacking Team win32k+flash exploits.
Looks like it doesn't work with the PDF plugin yet, fix coming in v48. Though you can set it to Flash Only, PDF Only, PDF and Flash and All Plugins.
Lots of users voicing complaints about that on the Chrome blogspot. You'd think the devs would catch their drift. I really dislike the profile menu avatar. When I updated yesterday I had to keep my fingers crossed that I would not lose the Chrome desktop icons, as I have in the past. So far so good. Sometimes they take a couple of days to go away after updating Chrome.
It seems google like to play catch up with the vulnerabilties.I wonder how many bugs will be fixed next time.Maybe they should concentrate on the high resource usage also.
Yeah but google has a bad habit of completely ignoring it's users & forcing things on to them. They didn't listen to all the users that didn't like the new tab page & again they are not listening to the users that have no need for that user name box next to the minimise control.
FYI. Google Chrome Portable 47.0.2526.73 Stable (web browser) Released for the PA Platform, courtesy of PortableApps.com.
FYI. Google Chrome Portable 47.0.2526.80 Stable (web browser) Released for the PA Platform, courtesy of PortableApps.com.
Google Chrome 47.0.2526.106 Dec 15, 2016 http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_15.html
FYI. Google Chrome Portable 47.0.2526.106 Stable (web browser) Released for the PA Platform, courtesy of PortableApps.com.
Google Announces SHA-1 Deprecation Timeline https://threatpost.com/google-announces-sha-1-deprecation-timeline/115681/
Chrome asked me to make it the default browser even though I had already clicked the Don't ask again link.
I have set it to FLASH only -> flash worked, then to PDF + Flash -> PDFs are displayed OK in browser. Do you have any more background info?
@BoerenkoolMetWorst Thx for the info. The ppapi-win3k-lockdown, is great with some tweaking of the plug-in settings (default block with following exceptions). Limiting plugins and javascript to some high level domains (and HTTPS) to execute, cuts down half of the threats on the internet
FYI. Google Chrome Portable 47.0.2526.111 Stable (web browser) Released for the PA Platform, courtesy of PortableApps.com.
Is there any security/privacy advantage to selecting "Detect content" for Plugin exception behavior? EDIT: is it exactly the same as: Detect and run important plugin content (default): Chrome will run important plugins. Click to play non-essential content. ?