CONSENSUS WIRE
← Back to Tech & Science

Google Chrome Releases Major Security Update Patching 60 Vulnerabilities

Tech & ScienceAI-Generated & Algorithmically Scored·

AI-generated from multiple sources. Verify before acting on this reporting.

SAN FRANCISCO — Google on Thursday released Chrome 147, a major security update that patches 60 vulnerabilities across its web browser, including two critical flaws that carried bounties of $86,000 each. The update, which rolled out globally, addresses security risks that could allow malicious actors to execute arbitrary code or bypass browser protections.

The release marks a significant security push for the world's most widely used web browser. Among the 60 fixed issues, two were classified as critical severity. Security researchers who discovered these high-value flaws were awarded the maximum bounty available under Google's Chrome Vulnerability Reward Program. The specific technical details of the exploits remain under embargo, but the patches are designed to prevent remote code execution and sandbox escapes.

Chrome 147 is the latest in a series of regular updates intended to maintain the integrity of the browser's security architecture. The update affects users on Windows, macOS, Linux, and Android operating systems. Google advised all users to update their browsers immediately to ensure protection against potential exploits targeting the unpatched versions.

The two critical vulnerabilities were discovered through independent security research. While the identities of the researchers have not been publicly disclosed, the substantial payouts indicate the severity of the threats. One flaw involved a type confusion issue in the V8 JavaScript engine, while the other targeted the browser's rendering process. Both issues could have allowed attackers to compromise a user's device simply by visiting a malicious website.

Google's security team worked to address the issues before they could be widely exploited in the wild. The coordinated disclosure process ensured that patches were available simultaneously across all platforms, minimizing the window of opportunity for attackers.

The update also includes improvements to Chrome's built-in security features, including enhanced phishing protection and stricter handling of third-party cookies. These changes align with broader industry efforts to improve web privacy and security standards.

Security experts recommend that enterprise administrators deploy the update through their management consoles to ensure compliance across all corporate devices. The update is available automatically for most users, though manual checks may be required on some systems.

Questions remain regarding whether any of the vulnerabilities have been actively exploited in the wild prior to the patch. Google has not confirmed any known attacks, but the high value of the bounties suggests the flaws were significant enough to warrant immediate attention. The company continues to monitor for new threats and will release additional updates as necessary.

The release of Chrome 147 underscores the ongoing arms race between browser developers and cybersecurity researchers. As web technologies evolve, so do the methods used to exploit them, necessitating constant vigilance and rapid response from security teams.