A brand new Steady-channel launch of Chrome model 144 addresses a high-severity vulnerability within the V8 JavaScript engine.
The replace, model 144.0.7559.96/.97 for Home windows and Mac and 144.0.7559.96 for Linux, started rolling out on January 21, 2026, and can attain all customers over the approaching days and weeks.
The safety patch resolves CVE-2026-1220, a race situation in V8 reported by a safety researcher on January 7, 2026.
CVE IDSeverityComponentDescriptionCVE-2026-1220HighV8Race situation
Essential V8 Vulnerability
The flaw might be exploited via specifically crafted internet content material, probably leading to reminiscence corruption, browser instability, or arbitrary code execution. As a result of browser’s widespread use, profitable exploitation may have an effect on hundreds of thousands of customers globally
Race circumstances happen when a number of processes entry shared assets concurrently, probably permitting attackers to execute malicious code, crash the browser, or entry delicate info.
V8 is Chrome’s core JavaScript engine, making this vulnerability notably regarding because it impacts practically all web-based performance. Google has categorized this as a high-severity difficulty, indicating important threat to customers.
The corporate sometimes restricts entry to detailed bug info till most customers obtain the replace, stopping risk actors from exploiting the vulnerability earlier than patches are broadly deployed.
The Chrome 144 replace follows Google’s normal launch cycle, with deployment steadily rolling out throughout platforms and areas.
Customers can confirm their present model by navigating to Settings > About Chrome, which mechanically checks for updates and prompts set up if wanted.
Chrome’s safety staff emphasizes that many vulnerabilities are detected utilizing superior automated instruments, together with AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Management Stream Integrity, libFuzzer, and AFL.
These instruments assist determine reminiscence corruption points, undefined habits, and different safety flaws earlier than they attain the secure channel.
Enterprise directors managing Chrome deployments throughout organizations ought to prioritize this replace given its excessive severity.
The complete changelog is obtainable via the official Chromium supply repository, offering technical particulars about all adjustments on this construct.
Google acknowledged the safety analysis neighborhood’s contributions, thanking researchers who work with the Chrome staff throughout growth cycles to forestall safety bugs from reaching finish customers.
Customers are strongly inspired to replace their browsers instantly. Chrome sometimes updates mechanically within the background, however guide verification ensures safety towards this V8 race situation.
The Chrome safety web page supplies further details about the browser’s safety structure and ongoing initiatives to guard customers from rising threats.
Google maintains its dedication to transparency whereas balancing accountable disclosure practices that defend customers in the course of the replace rollout interval.
Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.
