Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Chrome 150 Update Fixes Critical Security Flaws

Chrome 150 Update Fixes Critical Security Flaws

Posted on July 15, 2026 By CWS

Google has announced the release of Chrome version 150.0.7871.124/.125 for Windows and macOS, alongside version 150.0.7871.124 for Linux. This latest update in the Stable Channel focuses on rectifying 15 security vulnerabilities, which include two critical memory safety issues in the Ozone component.

Gradual Rollout of Chrome 150

While the update is now available, its deployment will be phased, potentially taking several days or weeks to reach all desktop devices. Google strongly advises both organizations and individual users to update their Chrome browsers promptly as the new version becomes accessible.

The most pressing vulnerabilities, known as CVE-2026-15764 and CVE-2026-15765, involve use-after-free issues within Ozone, Chrome’s platform integration layer. This layer is essential for managing windowing, input, graphics, and display functions across various operating systems.

Understanding Use-After-Free Vulnerabilities

Use-after-free vulnerabilities occur when software continues to access memory after it has been released. Exploiting this flaw could allow an attacker to execute arbitrary code by manipulating memory, particularly through malicious websites or web content.

Google has classified the Ozone vulnerabilities as critical. Despite withholding detailed technical information about these exploits, their severity indicates a significant risk, potentially leading to unauthorized code execution.

Addressing Multiple High-Severity Bugs

Apart from the critical vulnerabilities, Chrome 150 also addresses several high-severity bugs affecting key components. Among these are CVE-2026-15766, an uninitialized-use flaw in Skia, and CVE-2026-15767, a heap buffer overflow in the libyuv library.

Additional vulnerabilities impact V8, Chrome’s JavaScript and WebAssembly engine, including an uninitialized memory use issue (CVE-2026-15770) and a policy enforcement flaw (CVE-2026-15775). Security researcher Salvatore Gulizia reported CVE-2026-15776, a type confusion vulnerability in V8 that could lead to memory corruption.

The update also fixes use-after-free flaws in GPU, Core, Skia, and UI components, as well as addressing insufficient validation and policy enforcement issues in HTML-in-Canvas, Linux Toolkit Theming, Media, and Navigation.

Recommendations and Acknowledgments

Google recommends users update Chrome by navigating to Settings, selecting “About Chrome,” and relaunching the browser post-update. Security teams should confirm that managed systems are running Chrome version 150.0.7871.124 or later on Linux and versions 150.0.7871.124/.125 or later on Windows and macOS.

This release credits Google’s internal researchers, Microsoft’s xinchaotian, and independent researcher Salvatore Gulizia for their contributions. Some details about the reporters and reward amounts are still to be determined.

Cyber Security News Tags:browser security, Chrome update, critical vulnerabilities, CVE vulnerabilities, Cybersecurity, Google Chrome, libyuv, Ozone, security patch, Skia, software update, use-after-free flaw, V8 engine

Post navigation

Previous Post: US Indicts Russians for Cybercrime Operations
Next Post: AI Challenges SASE Security: New Strategies Needed

Related Posts

Zabbix Agent and Agent 2 for Windows Vulnerability Let Attackers Escalate Privileges Zabbix Agent and Agent 2 for Windows Vulnerability Let Attackers Escalate Privileges Cyber Security News
Telegram Users Targeted by Advanced Phishing Scheme Telegram Users Targeted by Advanced Phishing Scheme Cyber Security News
DIG AI – Darknet AI Tool Enabling Threat Actors to Launch Sophisticated Attacks DIG AI – Darknet AI Tool Enabling Threat Actors to Launch Sophisticated Attacks Cyber Security News
AI Systems Can Generate Working Exploits for Published CVEs in 10-15 Minutes AI Systems Can Generate Working Exploits for Published CVEs in 10-15 Minutes Cyber Security News
Windows Rust-based Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error Windows Rust-based Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error Cyber Security News
Threat Actors Weaponizing Nezha Monitoring Tool as Remote Access Trojan Threat Actors Weaponizing Nezha Monitoring Tool as Remote Access Trojan Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Malicious Game Cheats Give Hackers Remote Access to PCs
  • Cloud & Data Security Summit: Key Insights Today
  • AI Challenges SASE Security: New Strategies Needed
  • Chrome 150 Update Fixes Critical Security Flaws
  • US Indicts Russians for Cybercrime Operations

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Malicious Game Cheats Give Hackers Remote Access to PCs
  • Cloud & Data Security Summit: Key Insights Today
  • AI Challenges SASE Security: New Strategies Needed
  • Chrome 150 Update Fixes Critical Security Flaws
  • US Indicts Russians for Cybercrime Operations

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark