On Tuesday, Google and Mozilla rolled out significant security updates for their popular web browsers, Chrome and Firefox. These updates aim to rectify various memory safety vulnerabilities, ensuring the protection and security of users.
Chrome 147 Introduces Critical Fixes
The release of Chrome 147 sees the implementation of 30 security fixes, addressing critical-severity use-after-free flaws. These vulnerabilities, identified as CVE-2026-7363, CVE-2026-7361, CVE-2026-7344, and CVE-2026-7343, affect several components, including Canvas, iOS, Accessibility, and Views.
Use-after-free flaws pose a serious threat as they allow applications to reference memory that has been freed, potentially leading to code execution, data leaks, or crashes. The update also mitigates other memory safety issues, including 16 high-severity use-after-free bugs, alongside out-of-bounds, buffer overflow, and type confusion vulnerabilities.
Google has distributed $30,000 in rewards for four security defects, with the highest bounty of $16,000 allocated for a use-after-free vulnerability in the GPU component. However, the total rewards are expected to increase as more details emerge.
Mozilla’s Firefox 150.0.1 Focuses on Memory Safety
Simultaneously, Mozilla introduced Firefox 150.0.1, resolving four critical and high-severity memory safety issues. These vulnerabilities, tracked as CVE-2026-7322, CVE-2026-7323, and CVE-2026-7324, exhibited signs of memory corruption, indicating the potential for arbitrary code execution.
Additionally, CVE-2026-7320 addresses an information disclosure flaw due to incorrect boundary conditions in the Audio/Video component. These updates are included in the latest Firefox ESR releases, 140.10.1 and 115.35.1, which also resolve a sandbox escape vulnerability of medium severity.
Implications for Users and Developers
The latest updates from both Google and Mozilla highlight the ongoing challenges in maintaining browser security. These patches are crucial for safeguarding user data and ensuring stable browser performance.
Users are urged to update their browsers promptly to benefit from these security enhancements. Developers, on the other hand, should take note of the vulnerabilities addressed to improve software security practices.
As the tech industry continues to combat security threats, these updates underscore the importance of staying informed and proactive in addressing potential risks.
