Chrome 148 update fixes 79 vulnerabilities, including 14 critical
Summary created by Smart Answers AI
In summary:
- PCWorld reports Google released Chrome 148 update patching 79 security vulnerabilities, including 14 critical and 37 high-risk flaws affecting desktop and mobile versions.
- Many vulnerabilities are ‘use-after-free’ issues that could allow attackers to exploit browser memory, prompting Google to consider memory-safe languages like Rust.
- Users should immediately update via Help → About Google Chrome to protect against these unpatched security threats before potential exploitation occurs.
With the new Chrome versions 148.0.7778.167/168 for Windows and macOS and 148.0.7778.167 for Linux, the developers have patched 79 security vulnerabilities. According to Google, none of them are currently being exploited in the wild yet.
In the Chrome Releases blog post, Srinivas Sista lists all of the fixed flaws. AI models specializing in vulnerability detection likely played a significant role in the dramatic increase in the number of vulnerabilities found. Google discovered 59 of these vulnerabilities while the remaining 20 were reported by external security researchers. Google has so far awarded these researchers $112,000 in bounties.
Fourteen of the 79 vulnerabilities are classified as critical: CVE-2026-8509 to CVE-2026-8522. A further 37 vulnerabilities are classified as high risk, with the remainder classified as medium risk. Once again, use-after-free (UAF) vulnerabilities dominate. Eight UAF vulnerabilities are classified as critical, with 24 UAF flaws in total.
UAF vulnerabilities are dangerous because the program attempts to access dynamically allocated memory areas that have already been released. UAF vulnerabilities are a common problem in programming languages like C and C++, so Google intends to rely more on memory-safe languages like Rust. (Mozilla has been using Rust for some time, but is still burdened with millions of lines of legacy C code.)
In addition, Google has also released Chrome for Android 148.0.7778.167 and Chrome for iOS 148.0.7778.166 this week. The Android version addresses the same vulnerabilities as the desktop versions. The Extended Stable Channel for Windows and macOS now includes Chromium version 148.0.7778.168.
As a rule, Chrome updates automatically when a new version is available. You can manually check for updates via the menu item Help → About Google Chrome. Chrome version 149 is expected in early June.
Tip: Whether you keep your browser up to date, you need proper antivirus protections if you want your PC to remain secure and private. Check out our picks for the best antivirus software for Windows as well as best VPN services to stay ahead of security problems.
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.
