Google Urgently Updates Chrome to Fix Exploited Flaws

Google Urgently Updates Chrome to Fix Exploited Flaws

Posted on By CWS

Google has issued a critical security update for Chrome, addressing two zero-day vulnerabilities that are currently being used for malicious purposes.

Immediate Update Recommended for Chrome Users

The Chrome stable channel now includes version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux. This update is rolling out gradually and is expected to reach all users in the coming days.

Both vulnerabilities were identified by Google’s security team on March 10, 2026, and have been rated as High severity, highlighting the urgent need for users globally to update their Chrome browsers.

Details of the Security Flaws

The first vulnerability, CVE-2026-3909, is an out-of-bounds write issue found in Skia, an open-source graphics engine that is part of Chrome’s rendering pipeline. Such bugs can lead to arbitrary code execution or application crashes by allowing attackers to manipulate adjacent memory regions.

The second flaw, CVE-2026-3910, stems from an inappropriate implementation in V8, Chrome’s JavaScript and WebAssembly engine. This issue could be exploited by threat actors through malicious web pages, enabling code execution within the browser context.

Exploitation and Protection Measures

Google has confirmed that exploits for both CVE-2026-3909 and CVE-2026-3910 are active, making it crucial for users to update their browsers immediately. Details about these vulnerabilities are currently restricted to prevent further exploitation until users have applied the necessary patches.

To update Chrome manually, users should navigate to Menu → Help → About Google Chrome, where the browser will automatically check for and install the latest update. Restarting the browser is necessary to complete the installation.

Organizations managing Chrome through enterprise policies should prioritize deploying version 146.0.7680.75/76 across their networks promptly, especially in high-risk environments.

Stay informed on cybersecurity updates by following us on Google News, LinkedIn, and X. Contact us to share your cybersecurity insights and stories.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data Cyber Security News
Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram Malicious Go Module Package as Fast SSH Brute Forcer Exfiltrates Passwords via Telegram Cyber Security News
North Korean Hackers Attacking Developers with 338 Malicious npm Packages North Korean Hackers Attacking Developers with 338 Malicious npm Packages Cyber Security News
Malware Campaign Uses Fake Software to Deploy RATs and Miners Malware Campaign Uses Fake Software to Deploy RATs and Miners Cyber Security News
Avoid Fake Traffic Ticket Sites Stealing Your Data Avoid Fake Traffic Ticket Sites Stealing Your Data Cyber Security News
Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data Cyber Security News