Google has issued an emergency safety replace for the Chrome browser to handle a vital zero-day vulnerability that’s at the moment being exploited by attackers. The replace, launched on Tuesday, March 31, fixes a complete of 21 safety flaws throughout Home windows, macOS, and Linux platforms.
The first vulnerability, tracked as CVE-2026-5281, is a high-severity reminiscence administration error positioned inside the Daybreak part of the browser. Google has confirmed that lively exploits for this flaw exist within the wild.
To guard the consumer base, the corporate is withholding particular technical particulars and report hyperlinks till many customers have utilized the patch. This technique goals to forestall additional cybercriminals from growing further exploits earlier than techniques are secured.
Past the zero-day repair, the event staff resolved 19 high-risk and two medium-risk vulnerabilities. These points had been recognized by each inner employees and exterior safety researchers. The replace addresses vulnerabilities in a number of important browser parts, together with:
Many of those flaws had been detected utilizing superior code sanitization instruments, akin to AddressSanitizer and MemorySanitizer, which assist establish memory-related bugs in the course of the growth course of.
Model Data and Distribution
The safety patch is being rolled out steadily. Customers are protected if their browser model ends in .177 or .178 on Home windows and Mac or .177 on Linux.
Working System
Safe Model Suffix
Home windows / macOS
146.0.7680.177 or .178
Linux
146.0.7680.177
Whereas the replace will ultimately set up mechanically, safety consultants extremely suggest that customers manually set off the replace course of. This may be completed by navigating to the Chrome settings menu, deciding on “About Chrome,” and permitting the browser to verify for and set up the newest model instantly.
