InfoSecBulletin Cybersecurity for mankind
Google has released a big security update for Chrome on desktops. Version 149.0.7827.114/.115 is now out for Windows and Mac. Linux gets version 149.0.7827.114. The update will keep going in the next days and weeks.
This update fixes 28 security flaws. Some of these are very serious. They might let attackers run any code they want or crash the browser completely.
Using AI, Researcher Hacks Google and Earns $500,000 Bug Bounty
Chrome 149 fixes 28 flaws, including critical UAF bugs
Dahua patches multiple critical vulnerabilities in its products
South Korea fines Coupang Record $409 mln fine for data leak
ShinyHunters claim stolen data from 100+ org via oracle PeopleSoft servers
Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered
73 Microsoft Packages Compromised in Password Stealer Attack
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
Microsoft June Patches 200 Vulnerabilities including 3 zero days
World’s first wind power underwater data center is now live
Five flaws were rated as critical. CVE-2026-12007 impacts the Core part due to a use-after-free issue. Likewise, CVE-2026-12008 affects DigitalCredentials, and CVE-2026-12011 impacts WebMIDI for the same reason.
CVE-2026-12009 is about not checking input properly in Accessibility features. Also, CVE-2026-12010 is a heap buffer overflow in the GPU part. Attackers could use these problems to take control of the systems.
This Chrome security update fixes more than just important problems. It also solves 23 serious bugs. These bugs affect many parts like Network, Media, Cast, Autofill, DevTools, and Extensions.
Several use-after-free flaws appear again in the list, impacting Autofill, GPU, Video, and Views parts. Also, race issues in Safe Browsing and gaps in policy enforcement in DevTools and Headless mode complete the fixes.
Independent researcher Henock Habte found a bug, CVE-2026-12013, in the Media part. Google’s security team discovered the other issues on their own.
Use-after-free flaws are still a top target for hackers. So, fixing them quickly is very important. Chrome usually updates by itself, but users can also start the update from the browser’s settings.
For full technical details on each fix, readers can check the official Chrome stable channel release notes. Google usually holds back bug details until most users have updated.
Recommended Action
Users need to check if their Chrome version is 149.0.7827.114 or higher. Restarting the browser finishes the update. Since there are many important fixes, waiting to update raises the risk of problems a lot.
