Chrome Security Update Fixes 8 Vulnerabilities Allowing Remote Code Execution

Home Chrome Chrome Security Update Fixes 8 Vulnerabilities Allowing Remote Code Execution Google has rolled out an urgent security update for the Chrome browser to address eight high-severity vulnerabilities. These newly patched security flaws could allow threat actors to execute arbitrary code remotely, posing a significant risk to user data and system integrity. The stable channel is currently receiving updates to version 146.0.7680.164 or 146.0.7680.165 for Windows and macOS users. Meanwhile, Linux users will receive version 146.0.7680.164. Google expects these critical updates to reach all users over the coming days and weeks. Chrome Security Update The latest patches resolve several dangerous memory management and processing errors within Chrome’s underlying architecture. Among the patched issues are “Use-After-Free” vulnerabilities in components such as Dawn, WebGPU, and FedCM. These specific flaws occur when a program continues to use a memory pointer after the memory has been freed, allowing attackers to inject and execute malicious payloads. Additionally, Google addressed heap buffer overflows in WebAudio and WebGL, out-of-bounds reading flaws in CSS, and an integer overflow in the Fonts component. When chained together or successfully exploited, these memory corruption vulnerabilities give cybercriminals a path to bypass browser security sandboxes and compromise the host machine entirely. Google’s development teams heavily rely on advanced testing tools such as AddressSanitizer, MemorySanitizer, and libFuzzer to identify complex security bugs before they reach the stable channel. The update addresses the following eight high-severity vulnerabilities: CVE Identifier Component Vulnerability Type CVE-2026-4673 WebAudio Heap buffer overflow CVE-2026-4674 CSS Out of bounds read CVE-2026-4675 WebGL Heap buffer overflow CVE-2026-4676 Dawn Use after free CVE-2026-4677 WebAudio Out of bounds read CVE-2026-4678 WebGPU Use after free CVE-2026-4679 Fonts Integer overflow CVE-2026-4680 FedCM Use after free To protect the user base, Google intentionally restricts access to specific technical bug details and exploit links. This industry standard practice ensures that most users can install the security update before threat actors can reverse-engineer the patch to launch widespread attacks. The company also maintains restrictions if a vulnerability exists in a third-party library that other software projects depend on. Google actively rewards security researchers for responsibly disclosing these threats, paying out a confirmed $7,000 bounty for the WebAudio vulnerability alone, with several other reward amounts still to be determined. Cybersecurity professionals and everyday users must prioritize applying this update immediately. To ensure your browser is fully protected against these potential remote code execution threats, navigate to the Chrome menu, select “Help,” and click on “About Google Chrome.” This action forces the browser to check for the latest version and automatically download the security patch. Administrators managing enterprise environments should push the update through their patch management systems to efficiently secure network endpoints. Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories. RELATED ARTICLESMORE FROM AUTHOR Cyber Security News Hackers Attacking Android Users With Fake ChatGPT Invites to Deploy Malware Cyber Security News 511,000+ End-of-Life Microsoft IIS Instances Exposed Online, Secure Now! Cyber Security News Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability Top 10 Essential E-Signature Solutions for Cybersecurity in 2026 January 31, 2026 Top 10 Best Data Removal Services In 2026 January 29, 2026 Best VPN Services of 2026: Fast, Secure & Affordable January 26, 2026 Top 10 Best Data Security Companies in 2026 January 23, 2026 Top 15 Best Ethical Hacking Tools – 2026 January 15, 2026