Google yesterday released Chrome 84, the first upgrade in almost two months, with changes to how some notifications are displayed and a restart of the SameSite cookie standard that was postponed this spring.

The search giant also paid out more than $21,000 in bounties to researchers who reported some of the 38 vulnerabilities patched in Chrome 84. One of the flaws was marked “Critical,” Google’s most-serious threat ranking, with another seven tapped as “High,” the second-most dire. Google had not yet decided on rewards for the critical bug and four of the high.

Chrome 84’s sole critical bug was reported to Google only on July 8 by researchers at 360 Alpha Lab, an arm of the Chinese security vendor 360. Google said that the vulnerability was a “heap buffer overflow” in the browser’s background fetch.

To read this article in full, please click here