Chrome Security Update Addressing 21 Vulnerabilities


The Chrome team has released Chrome 141.0.7390.54/55 to the stable channel for Windows, Mac, and Linux, rolling out over the coming days and weeks.

This update delivers critical security fixes covering 21 distinct vulnerabilities that span high, medium, and low severity.

External researchers contributed to several of these fixes, earning rewards up to $25,000. Users are strongly encouraged to update immediately to benefit from these protections and ensure the safest possible browsing experience.

Vulnerability Overview

Chrome 141 introduces fixes for two high-severity heap buffer overflows and multiple medium-severity issues involving side-channel leaks, out-of-bounds reads, and improper implementations across various components, including WebGPU, Video, Storage, Omnibox, Media, Tab, and V8.

Low-severity bugs in Storage and V8 have also been addressed. Most external contributions were discovered through advanced techniques like fuzzing, AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL.

Below is a summary of the externally reported vulnerabilities, their severity, and the reward amounts:

| Reward | CVE | Severity | Description |
|---|---|---|---|
| $25,000 | CVE-2025-11205 | High | Heap buffer overflow in WebGPU |
| $4,000 | CVE-2025-11206 | High | Heap buffer overflow in Video |
| $5,000 | CVE-2025-11207 | Medium | Side-channel information leakage in Storage |
| $3,000 | CVE-2025-11208 | Medium | Inappropriate implementation in Media |
| $3,000 | CVE-2025-11209 | Medium | Inappropriate implementation in Omnibox |
| $3,000 | CVE-2025-11210 | Medium | Side-channel information leakage in Tab |
| $3,000 | CVE-2025-11211 | Medium | Out-of-bounds read in Media |
| $2,000 | CVE-2025-11212 | Medium | Inappropriate implementation in Media |
| $1,000 | CVE-2025-11213 | Medium | Inappropriate implementation in Omnibox |
| N/A | CVE-2025-11215 | Medium | Off-by-one error in V8 |
| $1,000 | CVE-2025-11216 | Low | Inappropriate implementation in Storage |
| N/A | CVE-2025-11219 | Low | Use-after-free in V8 |

In addition to these researcher-reported fixes, the Chrome security team addressed numerous other issues identified through internal audits, fuzzing, and automated testing.

These improvements strengthen Chrome’s resilience against a wide range of memory corruption and information leakage techniques.

To update Chrome manually:

  1. Open Chrome and click the menu (⋮) in the top-right corner.
  2. Select Help > About Google Chrome.
  3. Chrome will automatically check for updates and install version 141.
  4. Restart the browser to apply the fixes.

Upcoming Chrome and Chromium blog posts will detail new features and major efforts delivered in Chrome 141.

Keeping Chrome up to date is crucial for protecting against evolving threats. Users are urged to apply this update as soon as it becomes available to ensure their browsing remains secure and reliable.


About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.