Chrome “WebView” Vulnerability Allows Hackers to Bypass Security Restrictions - CybersecurityNews

Home Cyber Security News Chrome “WebView” Vulnerability Allows Hackers to Bypass Security Restrictions Google has released an urgent security update for the Chrome browser to address a high-severity vulnerability in the WebView tag component that could allow attackers to bypass critical security restrictions. Google rolled out Chrome version 143.0.7499.192/.193 for Windows and Mac, and 143.0.7499.192 for Linux, through its Stable channel, to address CVE-2026-0628. The update is being rolled out to users gradually over the coming days and weeks. The security flaw, tracked as CVE-2026-0628, stems from insufficient policy enforcement in the WebView tag component. CVE ID Severity Component Description CVE-2026-0628 High WebView tag Insufficient policy enforcement in the WebView tag. WebView Issue Exposes Apps to Attacks WebView is a crucial Chrome component that enables applications to display web content within their interfaces without launching a full browser. A high-severity rating means attackers could bypass security controls, leading to unauthorized access, data leaks, or the execution of malicious code in apps that use WebView. In line with responsible disclosure practices, Google has temporarily restricted access to detailed bug information until most users have installed the security patch. This approach prevents malicious actors from exploiting the vulnerability while users update their systems. Google acknowledged contributions from external security researchers and emphasized its commitment to collaborative security efforts. Google employs multiple detection methodologies, including AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL, to identify vulnerabilities during development cycles. Users should immediately update Chrome to the latest version by navigating to Settings > Help > About Google Chrome. The browser will automatically check for and install available updates. Organizations using Chrome in enterprise environments should prioritize deploying this security patch across their infrastructure. Google continues to encourage security researchers to report vulnerabilities through its bug bounty program, reinforcing the importance of collaborative security in protecting users worldwide. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. RELATED ARTICLESMORE FROM AUTHOR Cyber Security News IBM Uncovers ‘Slopoly,’ Likely AI-Generated Malware Used in Hive0163 Ransomware Attack Cyber Security News Qihoo 360 Leaked Its Own Wildcard SSL Private Key Inside Public AI Installer Cyber Security News Fake FileZilla Downloads Lead to RAT Infections Through Stealthy Multi-Stage Loader Top 10 Essential E-Signature Solutions for Cybersecurity in 2026 January 31, 2026 Top 10 Best Data Removal Services In 2026 January 29, 2026 Best VPN Services of 2026: Fast, Secure & Affordable January 26, 2026 Top 10 Best Data Security Companies in 2026 January 23, 2026 Top 15 Best Ethical Hacking Tools – 2026 January 15, 2026