Google has released a critical update for its Chrome browser, advancing the stable channel to version 134.0.6998.88 for Windows, Mac, and Linux, and 134.0.6998.89 for Windows and Mac on the Extended Stable channel.
This update includes several high-priority security fixes to safeguard users against potential threats. The rollout will occur over the coming days and weeks.
The latest update includes five security fixes, with several high-risk vulnerabilities being addressed. These were reported by external researchers and are detailed below:
CVE Number | Risk Level | Description | Reporter Date |
CVE-2025-1920 | High | Type Confusion in V8 | Excello s.r.o., 2025-02-21 |
CVE-2025-2135 | High | Type Confusion in V8 | Zhenghang Xiao (@Kipreyyy), 2025-03-02 |
CVE-TBD | High | Out of bounds write in GPU | Reported on 2025-03-05 |
CVE-2025-2136 | Medium | Use after free in Inspector | Sakana.S, 2025-02-10 |
CVE-2025-2137 | Medium | Out of bounds read in V8 | zeroxiaobai@, 2025-02-25 |
Several researchers received rewards for their contributions:
Google also acknowledged all security researchers who worked during the development cycle to prevent security bugs from reaching the stable channel.
Detailed instructions are available on the Chrome website for users interested in switching release channels.
If you encounter any issues following the update, you can report them by filing a bug or seeking assistance from the community help forum.
Users must update their browsers to protect themselves from the latest security vulnerabilities.
These updates often include fixes for high-risk issues like type confusion and out-of-bounds write/read scenarios, which can be exploited by malicious actors if left unpatched.
As always, vigilance and keeping software up-to-date are key measures in maintaining digital security.
Users are encouraged to keep an eye on the Chrome Security Page for more information and updates on security fixes.
Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
Multiple Dutch organizations have experienced significant service disruptions this week due to a series of…
A major supply chain security incident has rocked the Python open-source community as researchers at…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical vulnerabilities…
NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly…
A 25-year-old man from Santa Clarita, California, has agreed to plead guilty to hacking into…