Critical Chrome Update Fixes High-Severity Vulnerabilities

Critical Chrome Update Fixes High-Severity Vulnerabilities

Posted on By CWS

Key Points:

  • Google has released a crucial update for Chrome to tackle two high-risk vulnerabilities.
  • The update is crucial for preventing arbitrary code execution and denial-of-service attacks.
  • Users are advised to update their Chrome browsers immediately.

Google’s Urgent Security Update

In a significant security move, Google has deployed an update for the Chrome Stable channel to address two critical vulnerabilities that could allow attackers to execute arbitrary code and cause system crashes. The update, which elevates the browser version to 144.0.7559.132/.133 for Windows and macOS, and 144.0.7559.132 for Linux, aims to safeguard users from potential threats.

The tech giant confirmed that the update distribution will take place over the upcoming days and weeks. These security patches are focused on rectifying memory corruption issues within the browser’s JavaScript and video processing components.

Understanding the Vulnerabilities

The recent update addresses two specific vulnerabilities, both marked as “High” severity. Exploiting these vulnerabilities typically requires a user to navigate to a specially constructed webpage, triggering the exploit within Chrome’s renderer process.

CVE-2026-1862: Type Confusion in V8
This vulnerability exists in V8, Google’s open-source engine for JavaScript and WebAssembly. Type Confusion arises when the engine misinterprets a memory resource type, such as treating an integer as a pointer, leading to potential memory manipulation by attackers. This flaw was identified by researcher Chaoyuan Peng.

CVE-2026-1861: Heap Buffer Overflow in libvpx
The second flaw is in libvpx, a library for VP8 and VP9 video formats. An overflow can occur when excessive data is written to a memory buffer, potentially overwriting adjacent memory. This can result in a denial-of-service (DoS) or be combined with other exploits for arbitrary code execution.

Implications and Recommendations

Although Google has not disclosed whether these vulnerabilities are actively exploited, they have restricted further details until a substantial number of users have updated their browsers, highlighting the potential for weaponization.

It is strongly recommended for both enterprise administrators and individual users to update their Chrome browsers without delay. To ensure the update is installed, users should navigate to Menu > Help > About Google Chrome and confirm the browser version is 144.0.7559.132 or later.

Conclusion

With the release of this critical update, Google continues to prioritize user security by addressing these high-severity vulnerabilities. Prompt action from users to update their browsers is essential to mitigate potential risks and safeguard against exploits. For ongoing updates in cybersecurity, follow us on Google News, LinkedIn, and X.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Telecommunications Companies in Spain Experiencing Downtime Telecommunications Companies in Spain Experiencing Downtime Cyber Security News
Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data Cyber Security News
UAT-7290 Hackers Attacking Critical Infrastructure Entities in South Asia UAT-7290 Hackers Attacking Critical Infrastructure Entities in South Asia Cyber Security News
Threat Actors Attacking Fans and Teams of Belgian Grand Prix With Phishing Campaigns Threat Actors Attacking Fans and Teams of Belgian Grand Prix With Phishing Campaigns Cyber Security News
Chrome 143 Released With Fix for 13 Vulnerabilities that Enables Arbitrary Code Execution Chrome 143 Released With Fix for 13 Vulnerabilities that Enables Arbitrary Code Execution Cyber Security News
NAKIVO v11.2 Enhances Replication and vSphere Support NAKIVO v11.2 Enhances Replication and vSphere Support Cyber Security News