Google Urges Chrome Update to Block Critical Threats

Google Urges Chrome Update to Block Critical Threats

Posted on By CWS

Google has issued an urgent update for its Chrome browser, addressing a series of vulnerabilities, including two critical flaws, that could enable hackers to run unauthorized code on affected systems. Users are strongly advised to update to the latest version to safeguard against potential threats.

Details of Critical Vulnerabilities

The most severe vulnerabilities, identified internally by Google on April 20, 2026, have been categorized as Critical. These include CVE-2026-9111, a Use-After-Free issue in WebRTC that could allow memory corruption and remote code execution, and CVE-2026-9110, which involves an Inappropriate Implementation in the UI layer that might let attackers bypass security measures or manipulate browser interfaces.

Such vulnerabilities, particularly use-after-free bugs, pose significant risks as they can enable attackers to exploit released memory, potentially leading to a complete system breach when combined with other exploits.

High-Severity Vulnerabilities Addressed

In addition to the critical issues, Google has also patched nine high-severity vulnerabilities affecting various components. These include use-after-free bugs and out-of-bounds reads in the GPU and other systems. Disclosures by external researchers, including one identified as c6eed09fc8b174b0f3eebedcceb1e792, were key in identifying these flaws, earning them a total of $14,000 in bug bounties.

Other notable vulnerabilities patched include issues in QUIC, Service Worker, GFX, XR, and WebRTC, all of which had the potential for significant security breaches if left unaddressed.

Medium-Severity Fixes and Recommendations

Google also addressed five medium-severity vulnerabilities. These involved out-of-bounds reads and heap buffer overflows, as well as insufficient input validation and use-after-free issues within different components like the GPU and DOM.

To mitigate the risks, Google has restricted details of these bugs until the majority of users have updated their browsers. Users are urged to navigate to chrome://settings/help to ensure they are using version 148.0.7778.178 or later. Restarting Chrome will apply any pending updates. Enterprise administrators should deploy these updates using policy management tools and stay informed via Chrome release notes and CISA advisories.

For the latest updates, follow us on Google News, LinkedIn, and X.

Cyber Security News Tags:, , , , , , , , , , , ,

Related Posts

AI Phishing Is Your Company’s Biggest Security Risk in 2026 AI Phishing Is Your Company’s Biggest Security Risk in 2026 Cyber Security News
Cybersecurity Alert: Fake CAPTCHA Attack Endangers Enterprises Cybersecurity Alert: Fake CAPTCHA Attack Endangers Enterprises Cyber Security News
Wireshark Vulnerabilities Let Attackers Crash by Injecting a Malformed Packet Wireshark Vulnerabilities Let Attackers Crash by Injecting a Malformed Packet Cyber Security News
New Research Unmask DPRK IT Workers Email Address and Hiring Patterns New Research Unmask DPRK IT Workers Email Address and Hiring Patterns Cyber Security News
Healthcare Firm Faces Cyberattack Exposing Patient Data Healthcare Firm Faces Cyberattack Exposing Patient Data Cyber Security News
Top 10 Best Fraud Prevention Companies in 2025 Top 10 Best Fraud Prevention Companies in 2025 Cyber Security News