Google has launched a vital replace for the Chrome browser, addressing three high-severity safety vulnerabilities. This patch, a part of the newest Secure channel launch, ensures customers stay shielded from potential threats.
The brand new model rolled out progressively, underscores Chrome’s dedication to offering a safe searching setting. Customers are urged to replace their browsers promptly to protect towards exploitation.
Secure Channel Updates
The most recent Chrome replace applies to the Secure channel, with variations 132.0.6834.110/111 now accessible for Home windows and Mac customers, and 132.0.6834.110 accessible for Linux.
Moreover, the Prolonged Secure channel has been up to date to the identical variations for Home windows and Mac. Over the following few days and weeks, these variations might be distributed globally to make sure a seamless transition.
Customers eager about exploring the technical updates on this launch can entry the detailed change log by the Chrome Launch Log, which highlights the modifications and enhancements launched.
Are you from SOC/DFIR Groups? - Analyse Malware Recordsdata & Hyperlinks with ANY.RUN Sandox -> Attempt for Free
Addressing Safety Vulnerabilities
This replace addresses three high-severity vulnerabilities that might have left customers’ techniques susceptible to exploitation.
Two of those points have been reported by exterior researchers, whereas the third repair addresses a number of dangers recognized by inside audits. Under are the main points of the patched vulnerabilities:
CVE-2025-0611: Object Corruption in V8
CVE-2025-0611 is a high-severity vulnerability stemming from object corruption in Chrome’s V8 JavaScript engine, which powers a lot of the browser’s performance.
This flaw may permit attackers to execute arbitrary code or disrupt the browser’s operations. The difficulty was reported by a researcher recognized as “303f06e3” on December 26, 2024. Google awarded a bounty of $11,000 to the researcher for this vital discovery.
CVE-2025-0612: Out-of-Bounds Reminiscence Entry in V8
CVE-2025-0612 is one other high-severity vulnerability affecting the V8 engine. It includes out-of-bounds reminiscence entry, which may probably expose delicate person knowledge or allow the execution of unauthorized code.
This situation was reported by researcher Alan Goodman on December 20, 2024, incomes him a safety bounty of $8,000.
Along with the externally reported vulnerabilities, this launch contains fixes stemming from Google’s inside safety audits and testing instruments reminiscent of AddressSanitizer, MemorySanitizer, and libFuzzer.
These proactive efforts are designed to determine and tackle safety gaps earlier than they are often exploited. Whereas particular particulars about these enhancements stay restricted, they collectively improve Chrome’s total safety.
Google has emphasised that entry to detailed bug info will stay restricted till most customers have obtained the replace.
This method prevents malicious actors from exploiting the vulnerabilities earlier than a majority of techniques are protected. Chrome’s safety workforce additionally thanked exterior researchers for his or her worthwhile contributions, which play a vital function in figuring out and addressing these points.
To additional strengthen its safety ecosystem, Google depends on superior instruments reminiscent of Management Move Integrity and UndefinedBehaviorSanitizer to pre-emptively detect and mitigate dangers.
Chrome customers are strongly suggested to examine that their browser is up-to-date. To replace, open Chrome, navigate to Assist > About Google Chrome, and permit the browser to obtain and set up the replace mechanically.
As soon as the method is full, relaunch Chrome to use the replace and be certain that the patched model is lively.
Integrating Software Safety into Your CI/CD Workflows Utilizing Jenkins & Jira -> Free Webinar