Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
PamStealer Mimics Maccy, Silently Harvests Data
July 4, 2026
Critical FatFs Vulnerabilities Expose Millions of Embedded Devices
July 4, 2026
Critical Linux Kernel Vulnerability CVE-2023-0179 Grants Root Access
July 4, 2026
Home/CyberSecurity News/Chrome 122.0.6261.111 Fixes 8 Vulnerabilities, Including RCE
CyberSecurity News

Chrome 122.0.6261.111 Fixes 8 Vulnerabilities, Including RCE

Key Takeaways Google has released an urgent security update for its Chrome browser, addressing eight high-severity vulnerabilities. These flaws, including multiple Use-After-Free and heap buffer...

Sarah simpson
Sarah simpson
March 24, 2026 3 Min Read
52 0

Key Takeaways

  • Google has released an urgent security update for its Chrome browser, addressing eight high-severity vulnerabilities.
  • These flaws, including multiple Use-After-Free and heap buffer overflow issues, could enable remote code execution (RCE).
  • The update affects Chrome users on Windows, macOS, and Linux, with new versions 146.0.7680.164/.165 for Windows/macOS and 146.0.7680.164 for Linux.
  • Immediate patching is critical to mitigate the risk of attackers exploiting these memory corruption vulnerabilities.

Google has rolled out a critical security update for its Chrome web browser, patching eight high-severity vulnerabilities that could allow attackers to execute arbitrary code remotely. This urgent release underscores the continuous threat landscape faced by internet users and the proactive measures taken by browser developers to safeguard their platforms.

Table Of Content

  • Key Takeaways
  • Chrome Security Update Details
  • Critical Vulnerability Types Addressed
  • Identified High-Severity Vulnerabilities
  • What You Should Do

The patches are now being distributed across the stable channel. Windows and macOS users will see their browsers update to version 146.0.7680.164 or 146.0.7680.165, while Linux users will receive version 146.0.7680.164. Google anticipates these essential updates will propagate to all users over the coming days and weeks, reinforcing the need for prompt action from individuals and organizations.

Chrome Security Update Details

The latest Chrome update addresses a range of dangerous memory management and processing errors embedded within the browser’s core architecture. These types of flaws are frequently targeted by malicious actors due to their potential for severe exploitation.

Critical Vulnerability Types Addressed

Among the most concerning issues resolved are several “Use-After-Free” vulnerabilities found in critical components such as Dawn, WebGPU, and FedCM. These particular flaws arise when a program attempts to access memory that has already been deallocated, creating a window for attackers to inject and execute malicious code. Successful exploitation of such vulnerabilities can lead to system instability and, more critically, remote code execution.

Additionally, Google has fixed heap buffer overflows within WebAudio and WebGL, out-of-bounds read errors in CSS, and an integer overflow affecting the Fonts component. When exploited, especially in combination, these memory corruption vulnerabilities can enable cybercriminals to bypass the browser’s security sandbox, potentially leading to a full compromise of the underlying host machine.

Google’s development teams leverage sophisticated testing tools like AddressSanitizer, MemorySanitizer, and libFuzzer to proactively identify complex security bugs before they can impact the stable user base, as detailed on the official Chrome Releases blog.

Identified High-Severity Vulnerabilities

The update specifically addresses the following eight high-severity vulnerabilities:

  • CVE-2026-4673: Heap buffer overflow in WebAudio
  • CVE-2026-4674: Out of bounds read in CSS
  • CVE-2026-4675: Heap buffer overflow in WebGL
  • CVE-2026-4676: Use after free in Dawn
  • CVE-2026-4677: Out of bounds read in WebAudio
  • CVE-2026-4678: Use after free in WebGPU
  • CVE-2026-4679: Integer overflow in Fonts
  • CVE-2026-4680: Use after free in FedCM

In line with industry best practices, Google has elected to withhold specific technical details and exploit links for these vulnerabilities. This measure is designed to give the majority of users ample time to apply the security update before threat actors can reverse-engineer the patches and develop widespread exploits. Similar restrictions are maintained when vulnerabilities exist in third-party libraries that other software projects depend on.

Google also continues to recognize and reward security researchers for their responsible disclosure efforts. A confirmed bounty of $7,000 has already been paid for the WebAudio vulnerability, with additional reward amounts for other discoveries still pending determination.

What You Should Do

  • Update Immediately: All Google Chrome users should update their browsers without delay to the latest stable version (146.0.7680.164/.165 for Windows/macOS, 146.0.7680.164 for Linux).
  • Manual Update Check: To ensure your browser is protected, navigate to the Chrome menu (three dots in the top right), select “Help,” and then click “About Google Chrome.” This action will prompt the browser to check for and automatically install the latest security patch.
  • Enterprise Deployment: System administrators in enterprise environments must prioritize pushing this update through their patch management systems to secure all network endpoints efficiently.
  • Stay Informed: Regularly check for browser updates and security advisories to maintain a strong security posture against emerging threats.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVECybersecurityExploitPatchSecurityThreatVulnerability

Share Article

Sarah simpson

Sarah simpson

Sarah is a cybersecurity journalist specializing in threat intelligence and malware analysis. With over 8 years of experience covering APT groups, zero-day exploits, and advanced persistent threats, Sarah brings deep technical expertise to breaking cybersecurity news. Previously, she worked as a security researcher at leading threat intelligence firms, where she analyzed malware samples and tracked cybercriminal operations. Sarah holds a Master's degree in Computer Science with a focus on cybersecurity and is a regular contributor to major security conferences.

Previous Post

Fake ChatGPT Android Apps Deploy Malware, Steal Facebook Credentials

Next Post

NIST releases quick-start guide for cybersecurity, risk, and workforce management

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Alibaba Bans Internal Use of Claude AI Over Backdoor Concerns
July 3, 2026
Apache ActiveMQ Critical Vulnerabilities Allow DoS Attacks, System Crashes
July 3, 2026
Scammers Impersonate Brands in Gambling Ads to Drive Casino Traffic
July 3, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us