Google Urgently Updates Chrome to Fix Exploited Flaws

Google Urgently Updates Chrome to Fix Exploited Flaws

Posted on By CWS

Google has issued a critical security update for Chrome, addressing two zero-day vulnerabilities that are currently being used for malicious purposes.

Immediate Update Recommended for Chrome Users

The Chrome stable channel now includes version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux. This update is rolling out gradually and is expected to reach all users in the coming days.

Both vulnerabilities were identified by Google’s security team on March 10, 2026, and have been rated as High severity, highlighting the urgent need for users globally to update their Chrome browsers.

Details of the Security Flaws

The first vulnerability, CVE-2026-3909, is an out-of-bounds write issue found in Skia, an open-source graphics engine that is part of Chrome’s rendering pipeline. Such bugs can lead to arbitrary code execution or application crashes by allowing attackers to manipulate adjacent memory regions.

The second flaw, CVE-2026-3910, stems from an inappropriate implementation in V8, Chrome’s JavaScript and WebAssembly engine. This issue could be exploited by threat actors through malicious web pages, enabling code execution within the browser context.

Exploitation and Protection Measures

Google has confirmed that exploits for both CVE-2026-3909 and CVE-2026-3910 are active, making it crucial for users to update their browsers immediately. Details about these vulnerabilities are currently restricted to prevent further exploitation until users have applied the necessary patches.

To update Chrome manually, users should navigate to Menu → Help → About Google Chrome, where the browser will automatically check for and install the latest update. Restarting the browser is necessary to complete the installation.

Organizations managing Chrome through enterprise policies should prioritize deploying version 146.0.7680.75/76 across their networks promptly, especially in high-risk environments.

Stay informed on cybersecurity updates by following us on Google News, LinkedIn, and X. Contact us to share your cybersecurity insights and stories.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Critical SolarWinds Vulnerability Exposes 170 Installations Critical SolarWinds Vulnerability Exposes 170 Installations Cyber Security News
New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials Cyber Security News
New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks Cyber Security News
Citrix Netscaler 0-day RCE Vulnerability Patched Citrix Netscaler 0-day RCE Vulnerability Patched Cyber Security News
M365Pwned Toolkit Enhances Microsoft 365 Exploitation M365Pwned Toolkit Enhances Microsoft 365 Exploitation Cyber Security News
Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware Cyber Security News