Critical security warning for Chrome users

Google has released an urgent security update for its Chrome browser, patching several critical vulnerabilities that could allow attackers to execute arbitrary code on affected systems.

According to the information, the update, rolled out via Chrome Stable Channel version 147.0.7727.137/138 for Windows and macOS and 147.0.7727.137 for Linux, addresses a total of 30 security flaws. Among them, high-risk memory management issues have drawn particular attention.

One of the most serious issues involves “use-after-free” vulnerabilities. These types of flaws occur when memory is improperly managed, allowing attackers to reference freed memory and potentially inject malicious code. When successfully exploited, these vulnerabilities can lead to full system compromise through a specially crafted malicious web page.

The critical vulnerabilities addressed in this release include CVE-2026-7363 (use-after-free in Chrome’s Canvas component), CVE-2026-7361 (use-after-free affecting iOS builds), CVE-2026-7344 (use-after-free in Accessibility) and CVE-2026-7343 (use-after-free in Views).

In addition, Google has patched more than 20 high-severity vulnerabilities affecting major browser components such as GPU, WebRTC, ANGLE, Skia and the V8 JavaScript engine.

Although Google has not confirmed active exploitation of these vulnerabilities in the real scenario, it emphasizes that flaws involving memory corruption and type confusion remain highly attractive to threat actors. These vulnerabilities are commonly leveraged in drive-by download attacks, malvertising campaigns and watering hole attacks.

Security experts strongly recommend that users update Chrome immediately to version 147.0.7727.137 or later. Considering that browsers remain one of the primary attack vectors in corporate environments, organizations are advised to prioritize patch management processes, monitor for suspicious browser activity, restrict access to untrusted web resources and implement EDR solutions.