Google Urgently Updates Chrome to Fix Exploited Flaws

Google Urgently Updates Chrome to Fix Exploited Flaws

Posted on By CWS

Google has issued a critical security update for Chrome, addressing two zero-day vulnerabilities that are currently being used for malicious purposes.

Immediate Update Recommended for Chrome Users

The Chrome stable channel now includes version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux. This update is rolling out gradually and is expected to reach all users in the coming days.

Both vulnerabilities were identified by Google’s security team on March 10, 2026, and have been rated as High severity, highlighting the urgent need for users globally to update their Chrome browsers.

Details of the Security Flaws

The first vulnerability, CVE-2026-3909, is an out-of-bounds write issue found in Skia, an open-source graphics engine that is part of Chrome’s rendering pipeline. Such bugs can lead to arbitrary code execution or application crashes by allowing attackers to manipulate adjacent memory regions.

The second flaw, CVE-2026-3910, stems from an inappropriate implementation in V8, Chrome’s JavaScript and WebAssembly engine. This issue could be exploited by threat actors through malicious web pages, enabling code execution within the browser context.

Exploitation and Protection Measures

Google has confirmed that exploits for both CVE-2026-3909 and CVE-2026-3910 are active, making it crucial for users to update their browsers immediately. Details about these vulnerabilities are currently restricted to prevent further exploitation until users have applied the necessary patches.

To update Chrome manually, users should navigate to Menu → Help → About Google Chrome, where the browser will automatically check for and install the latest update. Restarting the browser is necessary to complete the installation.

Organizations managing Chrome through enterprise policies should prioritize deploying version 146.0.7680.75/76 across their networks promptly, especially in high-risk environments.

Stay informed on cybersecurity updates by following us on Google News, LinkedIn, and X. Contact us to share your cybersecurity insights and stories.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network Cyber Security News
North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data North Korean Hackers Attacking Unmanned Aerial Vehicle Industry to Steal Confidential Data Cyber Security News
Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products Cyber Security News
Lazarus Hackers Deploying Three RATs on Compromised Systems Possibly Using 0-Day Vulnerability Lazarus Hackers Deploying Three RATs on Compromised Systems Possibly Using 0-Day Vulnerability Cyber Security News
10-Year-Old Roundcube RCE Vulnerability Let Attackers Execute Malicious Code 10-Year-Old Roundcube RCE Vulnerability Let Attackers Execute Malicious Code Cyber Security News
Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack Cyber Security News