Critical Chrome Update Fixes High-Severity Vulnerabilities

Critical Chrome Update Fixes High-Severity Vulnerabilities

Posted on By CWS

Key Points:

  • Google has released a crucial update for Chrome to tackle two high-risk vulnerabilities.
  • The update is crucial for preventing arbitrary code execution and denial-of-service attacks.
  • Users are advised to update their Chrome browsers immediately.

Google’s Urgent Security Update

In a significant security move, Google has deployed an update for the Chrome Stable channel to address two critical vulnerabilities that could allow attackers to execute arbitrary code and cause system crashes. The update, which elevates the browser version to 144.0.7559.132/.133 for Windows and macOS, and 144.0.7559.132 for Linux, aims to safeguard users from potential threats.

The tech giant confirmed that the update distribution will take place over the upcoming days and weeks. These security patches are focused on rectifying memory corruption issues within the browser’s JavaScript and video processing components.

Understanding the Vulnerabilities

The recent update addresses two specific vulnerabilities, both marked as “High” severity. Exploiting these vulnerabilities typically requires a user to navigate to a specially constructed webpage, triggering the exploit within Chrome’s renderer process.

CVE-2026-1862: Type Confusion in V8
This vulnerability exists in V8, Google’s open-source engine for JavaScript and WebAssembly. Type Confusion arises when the engine misinterprets a memory resource type, such as treating an integer as a pointer, leading to potential memory manipulation by attackers. This flaw was identified by researcher Chaoyuan Peng.

CVE-2026-1861: Heap Buffer Overflow in libvpx
The second flaw is in libvpx, a library for VP8 and VP9 video formats. An overflow can occur when excessive data is written to a memory buffer, potentially overwriting adjacent memory. This can result in a denial-of-service (DoS) or be combined with other exploits for arbitrary code execution.

Implications and Recommendations

Although Google has not disclosed whether these vulnerabilities are actively exploited, they have restricted further details until a substantial number of users have updated their browsers, highlighting the potential for weaponization.

It is strongly recommended for both enterprise administrators and individual users to update their Chrome browsers without delay. To ensure the update is installed, users should navigate to Menu > Help > About Google Chrome and confirm the browser version is 144.0.7559.132 or later.

Conclusion

With the release of this critical update, Google continues to prioritize user security by addressing these high-severity vulnerabilities. Prompt action from users to update their browsers is essential to mitigate potential risks and safeguard against exploits. For ongoing updates in cybersecurity, follow us on Google News, LinkedIn, and X.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Hackers Using AI to Automate Vulnerability Discovery and Malware Generation Hackers Using AI to Automate Vulnerability Discovery and Malware Generation Cyber Security News
New Windows 11 KB5074109 Update Breaks Systems New Windows 11 KB5074109 Update Breaks Systems Cyber Security News
xRAT Malware Attacking Windows Users Disguised as Adult Game xRAT Malware Attacking Windows Users Disguised as Adult Game Cyber Security News
Microsoft Azure Cloud Disrupted by Undersea Cable Cuts in Red Sea Microsoft Azure Cloud Disrupted by Undersea Cable Cuts in Red Sea Cyber Security News
New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers Cyber Security News
APT Hackers Attacking Indian Government Using GOGITTER tool and GITSHELLPAD Malware APT Hackers Attacking Indian Government Using GOGITTER tool and GITSHELLPAD Malware Cyber Security News