Jump to content




Update Chrome ASAP to Patch This High-Severity Security Flaw

  •
ResidentialBusiness
in Setting Up Your Home Office

Featured Replies

If you use Google Chrome, you should install the latest update ASAP. Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in 2026.

What the Google Chrome patch fixes

The latest flaw, catalogued as CVE-2026-2441, is a use-after-free vulnerability in CSSFontFeatureValuesMap, Chrome's CSS font feature implementation. A use-after-free vulnerability is a flaw in which an application attempts to use memory after it has been released back to the system. This type of bug allows attackers to execute code, escalate privileges, cause app or system crashes, and leak sensitive data.

CVE-2026-2441 would allow "a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page." Essentially, this means malicious HTML content could run code inside a Chrome tab, extension, or plugin. As Malwarebytes explains, this is dangerous because attackers can see or modify whatever the isolated browser tab (sandbox) can access, allowing actions like credential harvesting and traffic rerouting—even if it cannot escape to impact the whole operating system.

Google said that this vulnerability has been exploited in the wild but hasn't provided any specific details as to how. The discovery has been attributed to Shaheen Fazim.

What Chrome users need to do

Google released a Stable channel update on Feb. 13 with a patch for this flaw. The latest versions of Chrome are 145.0.7632.75/76 for Windows and macOS and 144.0.7559.75 for Linux, so you'll want to ensure you are up to date. Go to the Chrome menu and select About Google Chrome to check which version you're on.

Chrome updates automatically when you close and reopen the browser, but if you don't do that regularly, keep an eye out for pending updates in the top-right corner of your browser window. Apply these updates immediately by tapping the three dots and selecting the first menu item. Chrome will need to restart to complete the update.

View the full article
Go to topic listing




Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

Account

Navigation

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.