Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities

Posted on By CWS

Google and Mozilla this week launched Chrome and Firefox browser updates that deal with a number of high-severity vulnerabilities.

Google promoted Chrome 141 to the steady channel with 21 safety fixes, together with 12 for safety defects reported by exterior researchers, who earned a complete of $50,000 for his or her findings.

Two of the externally reported bugs, tracked as CVE-2025-11205 and CVE-2025-11206, are high-severity heap buffer overflow points impacting Chrome’s WebGPU and Video parts.

Google says it handed out a $25,000 bug bounty reward for the WebGPU flaw, which was reported by Atte Kettunen of OUSPG in early September.

Chrome 141 additionally resolves eight medium-severity vulnerabilities, together with side-channel data leakage points in Storage and Tab, inappropriate implementation bugs in Media and Omnibox, an out-of-bounds learn flaw in Media, and an off-by-one error within the V8 JavaScript engine.

The remaining two safety holes reported by exterior researchers are low-severity points affecting Chrome’s Storage element and the V8 engine.

The newest Chrome iteration is rolling out as model 141.0.7390.54 for Linux and as variations 141.0.7390.54/55 for Home windows and macOS. The patches had been additionally included in Chrome 141.0.7390.43 for Android.

Mozilla launched Firefox 143.0.3 this week with fixes for 2 high-severity defects within the Graphics and JavaScript Engine parts.Commercial. Scroll to proceed studying.

The Graphics flaw, tracked as CVE-2025-11152, is an integer overflow situation that would result in sandbox escape. The JavaScript Engine weak point, tracked as CVE-2025-11153, is described as a JIT miscompilation.

Neither Google nor Mozilla point out any of those vulnerabilities being exploited within the wild, however customers are suggested to replace their browsers as quickly as potential.

Associated: Chrome 140 Replace Patches Sixth Zero-Day of 2025

Associated: OpenSSL Vulnerabilities Permit Personal Key Restoration, Code Execution, DoS Assaults

Associated: AMTSO Releases Sandbox Analysis Framework

Associated: Safety is All over the place. Can Your Providers Hold Up?

Security Week News Tags:, , , , ,

Related Posts

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Security Week News
Cyberattack Targets International Criminal Court Security Week News
Cyber Intelligence Firm iCOUNTER Emerges From Stealth With $30 Million in Funding Security Week News
GPT-5 Has a Vulnerability: Its Router Can Send You to Older, Less Safe Models Security Week News
Chrome Update Patches Fifth Zero-Day of 2025 Security Week News
Surge in Cyberattacks Targeting Journalists: Cloudflare Security Week News