The Chrome team has released a crucial security update, Chrome 141.0.7390.54/55, for Windows, Mac, and Linux users, which is rolling out progressively over the coming days. This release is a significant one as it addresses 21 distinct vulnerabilities of high, medium, and low severity. The update includes fixes for two high-severity heap buffer overflows and several medium-severity issues, such as side-channel leaks and out-of-bounds reads. These vulnerabilities were found across multiple components, including WebGPU, Video, Storage, and V8.
A number of these critical fixes were the result of contributions from external researchers who were rewarded for their efforts, with one researcher receiving a bounty of $25,000. Most of these discoveries were made using sophisticated techniques like fuzzing and sanitizers, highlighting the security community’s collaborative effort in making the web safer. The update also includes fixes for several low-severity bugs in Storage and V8.
In addition to the vulnerabilities reported by external researchers, the Chrome security team also addressed numerous other issues identified through their own internal audits and automated testing. These fixes strengthen Chrome’s defense against a wide range of attacks, especially those involving memory corruption and information leakage. This proactive approach ensures that Chrome remains a robust and secure browser.
To get the update, users simply need to open their Chrome browser, click the three-dot menu in the top-right corner, and go to Help > About Google Chrome. The browser will automatically check for and install the update. A quick restart is all that’s needed to apply the new protections. This simple step is vital for ensuring a secure and reliable browsing experience.
Staying current with browser updates is the most effective way to protect against evolving online threats. While this release focuses on security, upcoming blog posts will detail any new features and other major improvements delivered in this version. Users are strongly encouraged to update without delay to benefit from these essential security patches.
Reference: