Emergency Security Update for Google Chrome Google has pushed version 145.0.7632.116/117, a critical security update for Chrome, to Windows and macOS users, and version 144.0.7559.116 for Linux users This article explores security update chrome. . The update, which will be gradually released over the next few days and weeks, fixes three high-severity flaws that, if unpatched, could put users at serious risk.

Find out more Reports on cyber threats Tools for vulnerability assessment Online Given that all three CVEs have been assigned a High severity rating—a designation Google saves for vulnerabilities with substantial exploitation potential—the update is extremely urgent. Two of the vulnerabilities are related to out-of-bounds memory access, a type of bug that often provides a base for sandbox escape chains or remote code execution when coupled with other exploits.

It is highly recommended that businesses and individuals using Chrome on Windows or macOS check the version of their browser and install the update as soon as it is available in their area. Update for Google Chrome's Emergency Security On February 9, 2026, security researcher Luke Francis discovered the first problem, CVE-2026-3061, which is an out-of-bounds read vulnerability in Chrome's Media component. Because maliciously created media files or web-based content can cause out-of-bounds reads in media processing pipelines, drive-by exploitation through compromised websites is a plausible attack vector.

CVE-2026-3062 involves both out-of-bounds read and write conditions and impacts Tint, the WebGPU shader compiler that Chrome uses internally.

This flaw, which was discovered on February 11, 2026, by researcher Cinzinga, is possibly the most serious of the three. Memory corruption caused by out-of-bounds write vulnerabilities in graphics or shader processing may allow attackers to execute code arbitrarily within the renderer process. Vulnerabilities in components such as Tint represent an increasing attack surface as WebGPU adoption increases.

Find out more Solutions for quantum computing Service for vulnerability assessments Take advantage of On February 17, 2026, M. Fauzan Wijaya (Gh05t666nero) reported the third vulnerability, CVE-2026-3063, which is related to an improper implementation in Chrome DevTools. Although this category is usually less serious than memory corruption bugs, under certain circumstances, improper developer tooling implementations can allow privilege abuse, cross-origin data leaks, or the circumvention of security boundaries.

Google has stated that until the majority of users have received the fix, access to comprehensive bug reports will continue to be limited. This responsible disclosure practice helps limit the window of exploitation by preventing threat actors from weaponizing technical details before patches are widely deployed. Severity of CVE ID Affected Component Description Reporter CVE-2026-3061 High Media Out-of-bounds read Luke Francis CVE-2026-3062 High Tint (WebGPU) Out-of-bounds read and write cinzinga CVE-2026-3063 High DevTools Inappropriate implementation M. Fauzan Wijaya (Gh05t666nero) Users should navigate to chrome://settings/help to check their current version and trigger an update manually rather than waiting for the automatic rollout.

Enterprise administrators should prioritize pushing this update through their management platforms, given the High severity ratings.

Google also gave credit to its internal security teams for providing extra fixes through vulnerability research programs, fuzzing, and ongoing audits that supplement contributions from outside bug bounty programs. Learn more about X for daily cybersecurity updates, LinkedIn, and network security devices that manage ransomware security patches. To have your stories featured, get in touch with us.