Google Chrome Critical Update Patches High-Severity Code

Emergency Chrome Update Released

Google has released a critical security update for the Chrome Stable channel, addressing two high-severity vulnerabilities that expose users to potential arbitrary code execution (ACE) and denial-of-service (DoS) attacks.

Updated Versions

Platform	Version
Windows	144.0.7559.132/.133
macOS	144.0.7559.132/.133
Linux	144.0.7559.132

Vulnerability Details

Memory Corruption in V8 JavaScript Engine

The first vulnerability affects Chrome's V8 JavaScript engine, the component responsible for executing JavaScript code. Memory corruption flaws in V8 are particularly dangerous because:

JavaScript runs automatically when visiting websites
Exploitation requires only visiting a malicious page
Successful attacks can escape the browser sandbox

Heap Overflow in Video Processing

The second vulnerability involves a heap buffer overflow in Chrome's video processing libraries. This flaw could be triggered by:

Maliciously crafted video files
Embedded video content on websites
Streaming media from compromised sources

Attack Scenario

1. User visits attacker-controlled website
2. Malicious JavaScript or video content triggers vulnerability
3. Memory corruption achieved in renderer process
4. Attacker executes arbitrary code
5. Potential sandbox escape for full system access

Zero-Day Status Unknown

Google has not disclosed whether these vulnerabilities are currently being exploited in the wild. Following standard practice, bug details remain restricted until the majority of users have updated.

"Given the nature of V8 and heap overflow vulnerabilities, the risk of weaponization remains high." — Cybersecurity News

How to Update Chrome

Automatic Update

Chrome should update automatically. To verify:

Click the three-dot menu (⋮)
Go to Help → About Google Chrome
Chrome will check for and install updates
Click Relaunch to complete the update

Manual Update Check

chrome://settings/help

Verify Your Version

Ensure you're running at least:

144.0.7559.132 (Windows/Linux)
144.0.7559.133 (Windows/macOS alternate)

Enterprise Deployment

For enterprise environments using Chrome management:

Group Policy Update

# Force Chrome update via registry
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Google\Update" -Name "Update{8A69D345-D564-463C-AFF1-A69D9E530F96}" -Value 1
 
# Trigger update check
& "C:\Program Files\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler

Chrome Browser Cloud Management

Navigate to Google Admin Console
Devices → Chrome → Settings
Set minimum version requirement to 144.0.7559.132

Mitigation Until Patched

If immediate patching isn't possible:

Disable JavaScript for untrusted sites (breaks most websites)
Use Site Isolation - Already enabled by default
Enable Enhanced Protection in Chrome settings
Avoid untrusted websites until update is applied

Browser Security Best Practices

Enable Enhanced Safe Browsing

Settings → Privacy and security → Security → Enhanced protection

Keep Extensions Minimal

Remove unused extensions
Only install from Chrome Web Store
Review extension permissions regularly

Use Separate Profiles

Create dedicated profiles for sensitive activities
Banking/financial in separate profile
Limit cross-site tracking

Historical Context

Chrome security updates in 2026 so far:

Date	Vulnerabilities Fixed	Critical/High
Jan 9	8	3
Jan 23	12	5
Feb 4	2	2

Sources

Browser Security Hardening Guide
Enterprise Chrome Deployment

Emergency Chrome Update Released

Updated Versions

Platform	Version
Windows	144.0.7559.132/.133
macOS	144.0.7559.132/.133
Linux	144.0.7559.132

Vulnerability Details

Memory Corruption in V8 JavaScript Engine

The first vulnerability affects Chrome's V8 JavaScript engine, the component responsible for executing JavaScript code. Memory corruption flaws in V8 are particularly dangerous because:

JavaScript runs automatically when visiting websites
Exploitation requires only visiting a malicious page
Successful attacks can escape the browser sandbox

Heap Overflow in Video Processing

The second vulnerability involves a heap buffer overflow in Chrome's video processing libraries. This flaw could be triggered by:

Maliciously crafted video files
Embedded video content on websites
Streaming media from compromised sources

Attack Scenario

1. User visits attacker-controlled website
2. Malicious JavaScript or video content triggers vulnerability
3. Memory corruption achieved in renderer process
4. Attacker executes arbitrary code
5. Potential sandbox escape for full system access

Zero-Day Status Unknown

Google has not disclosed whether these vulnerabilities are currently being exploited in the wild. Following standard practice, bug details remain restricted until the majority of users have updated.

"Given the nature of V8 and heap overflow vulnerabilities, the risk of weaponization remains high." — Cybersecurity News

How to Update Chrome

Automatic Update

Chrome should update automatically. To verify:

Click the three-dot menu (⋮)
Go to Help → About Google Chrome
Chrome will check for and install updates
Click Relaunch to complete the update

Manual Update Check

chrome://settings/help

Verify Your Version

Ensure you're running at least:

144.0.7559.132 (Windows/Linux)
144.0.7559.133 (Windows/macOS alternate)

Enterprise Deployment

For enterprise environments using Chrome management:

Group Policy Update

# Force Chrome update via registry
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Google\Update" -Name "Update{8A69D345-D564-463C-AFF1-A69D9E530F96}" -Value 1
 
# Trigger update check
& "C:\Program Files\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler

Chrome Browser Cloud Management

Navigate to Google Admin Console
Devices → Chrome → Settings
Set minimum version requirement to 144.0.7559.132

Mitigation Until Patched

If immediate patching isn't possible:

Disable JavaScript for untrusted sites (breaks most websites)
Use Site Isolation - Already enabled by default
Enable Enhanced Protection in Chrome settings
Avoid untrusted websites until update is applied

Browser Security Best Practices

Enable Enhanced Safe Browsing

Settings → Privacy and security → Security → Enhanced protection

Keep Extensions Minimal

Remove unused extensions
Only install from Chrome Web Store
Review extension permissions regularly

Use Separate Profiles

Create dedicated profiles for sensitive activities
Banking/financial in separate profile
Limit cross-site tracking

Historical Context

Chrome security updates in 2026 so far:

Date	Vulnerabilities Fixed	Critical/High
Jan 9	8	3
Jan 23	12	5
Feb 4	2	2

Sources

Browser Security Hardening Guide
Enterprise Chrome Deployment

Emergency Chrome Update Released

Updated Versions

Vulnerability Details

Memory Corruption in V8 JavaScript Engine

Heap Overflow in Video Processing

Attack Scenario

Zero-Day Status Unknown

How to Update Chrome

Automatic Update

Manual Update Check

Verify Your Version

Enterprise Deployment

Group Policy Update

Chrome Browser Cloud Management

Mitigation Until Patched

Browser Security Best Practices

Enable Enhanced Safe Browsing

Keep Extensions Minimal

Use Separate Profiles

Historical Context

Sources

Related Articles

Emergency Chrome Update Released

Updated Versions

Vulnerability Details

Memory Corruption in V8 JavaScript Engine

Heap Overflow in Video Processing

Attack Scenario

Zero-Day Status Unknown

How to Update Chrome

Automatic Update

Manual Update Check

Verify Your Version

Enterprise Deployment

Group Policy Update

Chrome Browser Cloud Management

Mitigation Until Patched

Browser Security Best Practices

Enable Enhanced Safe Browsing

Keep Extensions Minimal

Use Separate Profiles

Historical Context

Sources

Related Articles