{"id":237019,"date":"2026-06-25T07:22:00","date_gmt":"2026-06-25T11:22:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/25\/update-chrome-to-patch-critical-browser-security-flaws\/"},"modified":"2026-06-25T09:25:11","modified_gmt":"2026-06-25T13:25:11","slug":"update-chrome-to-patch-critical-browser-security-flaws","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/25\/update-chrome-to-patch-critical-browser-security-flaws\/","title":{"rendered":"Update Chrome to patch critical browser security flaws"},"content":{"rendered":"<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/update-chrome-to-patch-critical-browser-security-flaws\">Update Chrome to patch critical browser security flaws<\/a><\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/update-chrome-to-patch-critical-browser-security-flaws\">https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/update-chrome-to-patch-critical-browser-security-flaws<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-25 07:22:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.malwarebytes.com\">www.malwarebytes.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>Google released a security update for Chrome that fixes 18 vulnerabilities, including four rated Critical. There is no indication that any of these newly patched bugs are being actively exploited in the wild.<\/p>\n<p>The stable channel has been updated to 149.0.7827.196\/197 for Windows and Mac and 149.0.7827.196 for Linux. The update will roll out over the coming days and weeks. Chrome for Android was also recently updated to 149.0.7827.197.<\/p>\n<p>How to update Chrome<\/p>\n<p>If you don\u2019t want to wait for the rollout to reach you, manually updating is easy.<\/p>\n<p>The easiest option is to allow Chrome to update automatically. But you can end up lagging behind on updates if you never close your browser or if something goes wrong, such as an extension preventing the update.<\/p>\n<p>To update manually, click the\u00a0More\u00a0menu (three dots),\u00a0then\u00a0go to\u00a0Settings\u00a0>\u00a0About Chrome. If an update is available, Chrome will start downloading it automatically. Restart Chrome to complete the update, and you\u2019ll be protected against these vulnerabilities.<\/p>\n<p>Chrome 149.0.7827.196\/197 is up to date<\/p>\n<p>You can find an explanation of the version numbering system and also find step-by-step instructions in our guide to\u00a0how to update Chrome on every operating system.<\/p>\n<p>Technical details<\/p>\n<p>Let\u2019s look at the two Critical WebGL vulnerabilities. WebGL, short for Web Graphics Library, is a browser technology that lets websites display interactive 2D and 3D graphics.<\/p>\n<p>We\u2019ll start with the only vulnerability that wasn\u2019t discovered by Google. It\u2019s a use-after-free vulnerability in WebGL, tracked as CVE-2026-13028, that could allow an attacker to escape Chrome\u2019s browser sandbox using a specially crafted HTML page.<\/p>\n<p>Use-after-free is a class of vulnerability caused by incorrect use of dynamic memory during a program\u2019s operation. If, after freeing a memory location, a program does not clear the pointer to that memory, an attacker can abuse that mistake to crash a program or make it run code it should not run.<\/p>\n<p>The browser sandbox is a restricted, sealed-off environment that is supposed to contain any malicious activity within the browser rather than directly on your whole computer.\u00a0So a sandbox escape is dangerous because it can help attackers move from \u201csomething bad happened inside the browser\u201d to \u201csomething bad can affect the wider system.\u201d<\/p>\n<p>The other Critical WebGL vulnerability is CVE-2026-13032. It\u2019s also a use-after-free\u00a0 flaw that could allow a remote attacker to escape the sandbox via a crafted HTML page.<\/p>\n<p>Even without confirmed in\u2011the\u2011wild exploitation for these CVEs, Chrome has had several zero\u2011days exploited this year, so attackers clearly invest in web-based attacks. For example, CVE\u20112026\u20112441, which got its own separate update, allowed attackers to run code inside Chrome\u2019s sandbox through a malicious web page. Paired with either of the WebGL flaws discussed above, it could have helped attackers break out of the browser\u2019s protections. Together, those vulnerabilities could potentially have allowed attackers to take control of the wider system.<\/p>\n<p>Stop threats before they can do any harm.<\/p>\n<p>Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser \u2192<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update Chrome to patch critical browser security flaws https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/update-chrome-to-patch-critical-browser-security-flaws Publish Date: 2026-06-25 07:22:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237020,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2023\/11\/Chrome-1200.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[25,27],"class_list":["post-237019","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-phishing","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237019"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237019"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237019\/revisions"}],"predecessor-version":[{"id":237021,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237019\/revisions\/237021"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/237020"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}