Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities - CyberSecurityNews

Home Cyber Security Google Chrome Emergency Security Update Patches Three High-Severity Vulnerabilities Google Chrome Emergency Security Update Google has released a critical security update for its Chrome browser, pushing version 145.0.7632.116/117 to Windows and macOS users, while Linux users receive version 144.0.7559.116. The update, which is rolling out progressively over the coming days and weeks, addresses three high-severity vulnerabilities that could expose users to significant risk if left unpatched. The update carries considerable urgency given that all three CVEs are rated High severity, a classification Google reserves for vulnerabilities with significant exploitation potential. Two of the flaws involve out-of-bounds memory access, a class of bug that frequently serves as a foundation for remote code execution or sandbox escape chains when combined with additional exploits. Organizations and individual users running Chrome on Windows or macOS are strongly advised to verify their browser version and apply the update as soon as it becomes available in their region. Google Chrome Emergency Security Update The first issue, CVE-2026-3061, is an out-of-bounds read vulnerability in Chrome’s Media component, reported by security researcher Luke Francis on February 9, 2026. Out-of-bounds reads in media processing pipelines are particularly concerning because they can be triggered through maliciously crafted media files or web-based content, making drive-by exploitation via compromised websites a realistic attack vector. CVE-2026-3062 affects Tint, the WebGPU shader compiler used internally by Chrome, and involves both out-of-bounds read and write conditions. Reported by researcher Cinzinga on February 11, 2026, this flaw is arguably the most technically severe of the three. Out-of-bounds write vulnerabilities in graphics or shader processing can lead to memory corruption, enabling attackers to potentially achieve arbitrary code execution within the renderer process. As WebGPU adoption grows, vulnerabilities in components like Tint represent an expanding attack surface. The third vulnerability, CVE-2026-3063, involves an inappropriate implementation in Chrome DevTools, reported by M. Fauzan Wijaya (Gh05t666nero) on February 17, 2026. While this category is typically less severe than memory corruption bugs, inappropriate implementations in developer tooling can enable cross-origin data leaks, privilege abuse, or the bypass of security boundaries under specific conditions. Google has noted that access to detailed bug reports will remain restricted until the majority of users have received the fix. This responsible disclosure practice helps limit the window of exploitation by preventing threat actors from weaponizing technical details before patches are widely deployed. CVE ID Severity Affected Component Description Reporter CVE-2026-3061 High Media Out-of-bounds read Luke Francis CVE-2026-3062 High Tint (WebGPU) Out-of-bounds read and write cinzinga CVE-2026-3063 High DevTools Inappropriate implementation M. Fauzan Wijaya (Gh05t666nero) Users should navigate to chrome://settings/help to check their current version and trigger an update manually rather than waiting for the automatic rollout. Enterprise administrators should prioritize pushing this update through their management platforms, given the High severity ratings. Google also credited its internal security teams for delivering additional fixes through continuous audits, fuzzing, and vulnerability research programs that complement external bug bounty contributions. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. RELATED ARTICLESMORE FROM AUTHOR Cyber Security Cisco Firewall 0-day Vulnerability Exploited in the Wild to Deploy Interlock Ransomware Cyber Attack News New iOS Exploit With Advanced iPhone Hacking Tools Attacking Users to Steal Personal Data ANY.RUN The High Cost of Slow Triage: How to Make Tier 1 the Fastest Layer in Your SOC  Top 10 Essential E-Signature Solutions for Cybersecurity in 2026 January 31, 2026 Top 10 Best Data Removal Services In 2026 January 29, 2026 Best VPN Services of 2026: Fast, Secure & Affordable January 26, 2026 Top 10 Best Data Security Companies in 2026 January 23, 2026 Top 15 Best Ethical Hacking Tools – 2026 January 15, 2026