Google Chrome Stable Channel Updates
- Thread starter Gandalf_The_Grey
- Start date
Google has released a critical security update for the Chrome Stable channel, addressing two high-severity vulnerabilities that expose users to potential arbitrary code execution (ACE) and denial-of-service (DoS) attacks.
The update pushes the browser version to 144.0.7559.132/.133 for Windows and macOS, and 144.0.7559.132 for Linux.
Chrome Vulnerabilities Let Attackers Execute Arbitrary Code and Crash System
Google has released a critical security update for the Chrome Stable channel, addressing two high-severity vulnerabilities that expose users to potential arbitrary code execution (ACE) and denial-of-service (DoS) attacks.cybersecuritynews.com
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Google Chrome 144.0.7559.132/.133 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 144.0.7559.132/.133 for Windows/Mac and 144.0.7559.132 for Linux, which will roll out over the comi...
Google Chrome 145.0.7632.45/46 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 145 to the stable channel for Windows, Mac and Linux. This will roll out ov...
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Google Chrome 145.0.7632.75/76 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.75/76 for Windows/Mac and 145.0.7632.75 for Linux, which will roll out over the coming d...
Google Chrome 145.0.7632.75/76 Stable Channel Update for Desktop
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.75/76 for Windows/Mac and 145.0.7632.75 for Linux, which will roll out over the coming d...
The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026.
"Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page," according to a description of the flaw in the NIST's National Vulnerability Database (NVD).
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.thehackernews.com
Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year.
"Google is aware that an exploit for CVE-2026-2441 exists in the wild," Google said in a security advisory issued on Friday.
According to the Chromium commit history, this use-after-free vulnerability (reported by security researcher Shaheen Fazim) is due to an iterator invalidation bug in CSSFontFeatureValuesMap, Chrome's implementation of CSS font feature values. Successful exploitation can allow attackers to trigger browser crashes, rendering issues, data corruption, or other undefined behavior.
The commit message also notes that the CVE-2026-2441 patch addresses "the immediate problem" but indicates there's "remaining work" tracked in bug 483936078, suggesting this might be a temporary fix or that related issues still need to be addressed.
The patch was tagged as "cherry-picked" (or backported) across multiple commits, indicating that it was important enough to include in a stable release rather than waiting for the next major version (likely because the vulnerability is being exploited in the wild).
Although Google found evidence of attackers exploiting this zero-day flaw in the wild, it did not share additional details regarding these incidents.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed," it noted.
Google has now fixed this vulnerability for users in the Stable Desktop channel, with new versions rolling
out to Windows, macOS (145.0.7632.75/76), and Linux users (144.0.7559.75) worldwide over the coming days or weeks.
If you don't want to update manually, you can also let Chrome check for updates automatically and install them after the next launch.
While this is the first actively exploited Chrome security vulnerability patched since the start of 2026, last year Google addressed a total of eight zero-days abused in the wild, many of them reported by the company's Threat Analysis Group (TAG), widely known for tracking and identifying zero-days exploited in spyware attacks targeting high-risk individuals.
I noticed that Chromium browsers are receiving updates every few days this week.
Yes, Patch My PC seems to have been busier than normal, with Chrome updates.
Another Chrome "pulse" update 145.0.7632.110
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Google Chrome 145.0.7632.109/110 Stable Channel Update for Desktop
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.109/110 for Windows/Mac and 144.0.7559.109 for Linux, which will roll out over the comin...
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Google Chrome 145.0.7632.116/117 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.116/117 for Windows/Mac and 144.0.7559.116 for Linux, which will roll out over the com...
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Google Chrome 145.0.7632.159/160 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.159/160 for Windows/Mac and 145.0.7632.159 for Linux, which will roll out over the com...
Google has released a critical security update for Chrome, pushing the Stable channel to version 145.0.7632.159/160 for Windows and Mac, and 145.0.7632.159 for Linux. The update addresses 10 security vulnerabilities, including three rated Critical.
Three of the ten patched flaws carry a Critical severity rating. The most notable is CVE-2026-3536, an integer overflow in Chrome’s ANGLE graphics layer, reported by researcher cinzinga on February 18, 2026, which earned a $33,000 bounty.
A second critical flaw, CVE-2026-3537, involves an object lifecycle issue in PowerVR, reported by Zhihua Yao of KunLun Lab on January 8, earning $32,000. The third critical bug, CVE-2026-3538, is an integer overflow in the Skia graphics engine, reported by Symeon Paraschoudis on February 17.
The remaining seven vulnerabilities are rated High severity and span a range of Chrome subsystems, from V8 and WebAssembly to CSS and Navigation.
The breadth of affected components, spanning graphics rendering (ANGLE, Skia, PowerVR), JavaScript execution (V8), multimedia (WebAudio, WebCodecs), and web standards (CSS, WebAssembly), reflects the wide attack surface modern browsers expose, according to the Google advisory.
Google Releases Emergency Chrome Update to Fix 10 Security Vulnerabilities
Google has released a critical security update for Chrome, pushing the Stable channel to version 145.0.7632.159/160 for Windows and Mac, and 145.0.7632.159 for Linux. The update addresses 10 security vulnerabilities, including three rated Critical, and is rolling out to users over the coming...
Google Chrome 146.0.7680.71/72 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 146 to the stable channel for Windows, Mac and Linux. This will roll out ov...
Google Chrome 146.0.7680.75/76 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 146.0.7680.75/76 for Windows/Mac and 146.0.7680.75 for Linux, which will roll out over the coming d...
Google Chrome 146.0.7680.80 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 146.0.7680.80 for Windows/Mac and 146.0.7680.80 for Linux, which will roll out over the coming days...
Google Chrome 146.0.7680.153/154 Stable Channel Update for Desktop
chromereleases.googleblog.com
Stable Channel Update for Desktop
The Stable channel has been updated to 146.0.7680.153/154 for Windows/Mac and 146.0.7680.153 for Linux, which will roll out over the comin...
Gandalf_The_Grey
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
The Security Fixes and Rewards part was added later, with 26 security fixes!Google Chrome 146.0.7680.153/154 Stable Channel Update for Desktop
Stable Channel Update for Desktop
The Stable channel has been updated to 146.0.7680.153/154 for Windows/Mac and 146.0.7680.153 for Linux, which will roll out over the comin...
You may also like...
-
FGoogle Pays $100,000 in Rewards for Two Chrome Vulnerabilities
- Started by ForgottenSeer 116559
- Replies: 8
-
Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists.- Started by Brownie2019
- Replies: 0
-
Google fixes fifth Chrome zero-day exploited in attacks this year- Started by vtqhtr413
- Replies: 0
-
Google Patches Another Zero-Day Vulnerability in Chrome- Started by lokamoka820
- Replies: 6
-
Google Chrome Hit by Yet Another Zero-Day Exploit, Update Now
- Started by lokamoka820
- Replies: 7