Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities


Google and Mozilla this week released Chrome and Firefox browser updates that address multiple high-severity vulnerabilities.

Google promoted Chrome 141 to the stable channel with 21 security fixes, including 12 for security defects reported by external researchers, who earned a total of $50,000 for their findings.

Two of the externally reported bugs, tracked as CVE-2025-11205 and CVE-2025-11206, are high-severity heap buffer overflow issues impacting Chrome’s WebGPU and Video components.

Google says it handed out a $25,000 bug bounty reward for the WebGPU flaw, which was reported by Atte Kettunen of OUSPG in early September.

Chrome 141 also resolves eight medium-severity vulnerabilities, including side-channel information leakage issues in Storage and Tab, inappropriate implementation bugs in Media and Omnibox, an out-of-bounds read flaw in Media, and an off-by-one error in the V8 JavaScript engine.

The remaining two security holes reported by external researchers are low-severity issues affecting Chrome’s Storage component and the V8 engine.

The latest Chrome iteration is rolling out as version 141.0.7390.54 for Linux and as versions 141.0.7390.54/55 for Windows and macOS. The patches were also included in Chrome 141.0.7390.43 for Android.

Mozilla released Firefox 143.0.3 this week with fixes for two high-severity defects in the Graphics and JavaScript Engine components.

Advertisement. Scroll to continue reading.

The Graphics flaw, tracked as CVE-2025-11152, is an integer overflow issue that could lead to sandbox escape. The JavaScript Engine weakness, tracked as CVE-2025-11153, is described as a JIT miscompilation.

Neither Google nor Mozilla mention any of these vulnerabilities being exploited in the wild, but users are advised to update their browsers as soon as possible.

Related: Chrome 140 Update Patches Sixth Zero-Day of 2025

Related: OpenSSL Vulnerabilities Allow Private Key Recovery, Code Execution, DoS Attacks

Related: AMTSO Releases Sandbox Evaluation Framework

Related: Security is Everywhere. Can Your Services Keep Up?



Source link

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.