Google today launched Chrome 54 for Windows, Mac, and Linux. This release is mainly focused on developers, but the improvements to how the browser handles YouTube embeds are also noteworthy. You can update to the latest version now using the browser’s built-in silent updater, or download it directly from google.com/chrome.

Chrome is arguably more than a browser: With over 1 billion users, it’s a major platform that web developers have to consider. In fact, with Chrome’s regular additions and changes, developers have to keep up to ensure they are taking advantage of everything available.

Chrome 54 rewrites YouTube Flash players to use the YouTube HTML5 embed style. YouTube ditched Flash for HTML5 by default in January 2015, but the old embeds still exist all over the web. Google says the change improves both performance and security for its desktop browser.

Chrome also now provides support for the custom elements V1 spec. Custom elements allow developers to create custom HTML tags, as well as defining their API and behavior in JavaScript. The V0 API will be supported until enough developers have moved to V1, though Google didn’t provide details.

Lastly, the BroadcastChannel API has been implemented to allow one-to-many messaging between windows, tabs, iframes, web workers, and service workers. In other words, this API allows scripts to establish named channels to send messages between browsing contexts of the same origin. This is mainly aimed at sites that leverage multiple browser windows or tabs that let users perform more complex tasks.

Other developer features in this release include:

Chrome 54 also implements 21 security fixes, of which Google chose to highlight the following:

[$7500][645211] High CVE-2016-5181: Universal XSS in Blink. Credit to Anonymous

[$5500][638615] High CVE-2016-5182: Heap overflow in Blink. Credit to Giwan Go of STEALIEN

[$3000][645122] High CVE-2016-5183: Use after free in PDFium. Credit to Anonymous

[$3000][630654] High CVE-2016-5184: Use after free in PDFium. Credit to Anonymous

[$3000][621360] High CVE-2016-5185: Use after free in Blink. Credit to cloudfuzzer

[$1000][639702] High CVE-2016-5187: URL spoofing. Credit to Luan Herrera

[$3133.7][565760] Medium CVE-2016-5188: UI spoofing. Credit to Luan Herrera

[$1000][633885] Medium CVE-2016-5192: Cross-origin bypass in Blink. Credit to haojunhou@gmail.com

[$500][646278] Medium CVE-2016-5189: URL spoofing. Credit to xisigr of Tencent’s Xuanwu Lab

[$500][644963] Medium CVE-2016-5186: Out of bounds read in DevTools. Credit to Abdulrahman Alqabandi (@qab)

[$500][639126] Medium CVE-2016-5191: Universal XSS in Bookmarks. Credit to Gareth Hughes

[$N/A][642067] Medium CVE-2016-5190: Use after free in Internals. Credit to Atte Kettunen of OUSPG

[$500][639658] Low CVE-2016-5193: Scheme bypass. Credit to Yuyang ZHOU (martinzhou96)

[654782] CVE-2016-5194: Various fixes from internal audits, fuzzing and other initiatives

If you add all those up, you’ll see Google spent $28,633.70 in bug bounties this time around — and that number is lowballed, given all the rewards that have yet to be decided. As always, the security fixes alone should be enough incentive for you to upgrade.

Chrome 54 for Android and iOS are also on their way, but Google has not shared exactly when they will ship. Chrome 55 will arrive in late November.