Google Chrome Patches 23-Year-Old Bug That Exposed Users’ Browsing History
Google Chrome is finally addressing a longstanding privacy vulnerability that has existed for over two decades. This bug allowed malicious websites to detect whether users had previously visited certain links by exploiting how browsers visually indicate visited links. Although some browsers implemented workarounds over the years, Google’s upcoming update introduces a more comprehensive fix. The patch is set to arrive with Chrome version 136, which is expected to begin rolling out later this month.
The root of the issue lies in the CSS :visited selector, a styling rule that changes the appearance of hyperlinks a user has already clicked on. Typically, visited links appear in purple while unvisited ones are blue. However, because the browser applied this styling to a link regardless of which website displayed it, it created a potential for abuse. If a malicious website included the same link present on another site, it could determine if a user had visited that link simply by checking its appearance, effectively exposing parts of the user’s browsing history.
To address this, Google has implemented a technique known as :visited link partitioning. In a recent post on the Chrome Developers Blog, the company explained that the browser will now partition visited link history on a per-site basis. This means a link visited on one website will no longer be marked as visited on a different domain, preventing cross-site detection through CSS styling. According to Google, this change significantly improves user privacy and prevents sites from identifying previously visited URLs using old exploit techniques.
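The difference between the old shared history and the per-site partitioning described above can be seen in a small model. This is an added example, not Chrome's code or code from the Chrome Developers Blog; the class names, `siteOf`, and the sample URLs are constructed, and a "site" is approximated as the scheme plus the last two host labels rather than the Public Suffix List a real browser uses.

```javascript
// Simplified model of visited-link storage (constructed, not Chrome's implementation).
// Assumption: site = scheme + last two host labels.
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + '//' + u.hostname.split('.').slice(-2).join('.');
}

// Old behaviour: one history shared by every page that renders the link.
class GlobalVisitedStore {
  constructor() { this.visited = new Set(); }
  recordClick(linkUrl, fromPage) { this.visited.add(new URL(linkUrl).href); }
  isStyledVisited(linkUrl, onPage) { return this.visited.has(new URL(linkUrl).href); }
}

// Partitioned behaviour: the entry is keyed by the link AND the site it was clicked on.
class PartitionedVisitedStore {
  constructor() { this.visited = new Set(); }
  key(linkUrl, page) { return JSON.stringify([new URL(linkUrl).href, siteOf(page)]); }
  recordClick(linkUrl, fromPage) { this.visited.add(this.key(linkUrl, fromPage)); }
  isStyledVisited(linkUrl, onPage) { return this.visited.has(this.key(linkUrl, onPage)); }
}

// Replay the same clicks into both stores, then ask how each page would style each link.
function compare(clicks, renders) {
  const g = new GlobalVisitedStore();
  const p = new PartitionedVisitedStore();
  for (const [link, page] of clicks) { g.recordClick(link, page); p.recordClick(link, page); }
  return renders.map(([link, page]) => ({
    link, page,
    global: g.isStyledVisited(link, page),
    partitioned: p.isStyledVisited(link, page),
  }));
}

// Constructed sample: the user clicks a bank link while on a news site.
const SAMPLE_CLICKS = [['https://bank.example/login', 'https://news.example/front']];
const SAMPLE_RENDERS = [
  ['https://bank.example/login', 'https://other.example/'],          // different site
  ['https://bank.example/login', 'https://blog.news.example/post'],  // same site as the click
  ['https://shop.example/cart', 'https://other.example/'],           // never clicked
];

for (const row of compare(SAMPLE_CLICKS, SAMPLE_RENDERS)) {
  console.log(row.page, '->', row.link, 'global:', row.global, 'partitioned:', row.partitioned);
}
```

Only the first row differs between the two stores: a page on a different site sees the link as visited under the shared history and as unvisited under partitioning, while the site where the click happened still gets its visited styling.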
Interestingly, although the bug was only officially acknowledged in 2022, the underlying issue dates back nearly 23 years, making it one of the oldest privacy flaws to persist in modern web browsers. By partitioning visited link data, Google Chrome is catching up with privacy measures that have become more common in other browsers. This update marks a crucial step forward in Chrome’s ongoing efforts to enhance user privacy and security, especially as users become increasingly aware of how their data is tracked online.










