Naijacrux News:Welcome to Naijacrux Online Forum..Great Place To Get Tips Facts Updates and More ,Interact Discuss & Learn With Others !!.remember to register to enjoy much more update!!!New Updates From Naijacrux -Naijacrux Is Now Mobile Friendly - Download Our Android App On Our Forum Rules And Announcement Section.Our App Will be Live On Google Playstore And IOS Store Soon Aswell - CLICK HERE TO DOWNLOAD NAIJACRUX ANDROID APP !!! Dear Guest And Naijacrux Dedicated Members,!!! ,  You Can Now Receive Naijacrux Weekly New Post and Updates Via Email by Subscribing To Our Newsletter Using The Subscribe Button Above The Naijacrux Announcement And Discussion At The Top Home Page!!Never Miss A New Post And Updates Again.!Thank You.  !!!YOU ARE WELCOME TO NAIJACRUX INFORMATIVE LEARNING AND INTERACTIVE FORUM.This Website is an Intensive Forum of Learning We recommend you Register & Login to Enjoy much free stuffs ::>>Also remember to Update your Profile Immediately after registration. Thank you!>>>!!!!To All Advertisers And Patronizers, kindly Send Mail To [email protected] For adverts Placement. thanks!!!


Author Topic: Update Chrome ASAP to Patch This High-Severity Security Flaw  (Read 76 times)

0 Members and 1 Guest are viewing this topic.

Offline Nairaland

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 405
  • Karma: +0/-0
Update Chrome ASAP to Patch This High-Severity Security Flaw
« on: February 26, 2026, 07:12:21 AM »
Advertisement
Update Chrome ASAP to Patch This High-Severity Security Flaw

If you use Google Chrome, you should install the latest update ASAP. Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in 2026.

What the Google Chrome patch fixes

The latest flaw, catalogued as CVE-2026-2441, is a use-after-free vulnerability in CSSFontFeatureValuesMap, Chrome's CSS font feature implementation. A use-after-free vulnerability is a flaw in which an application attempts to use memory after it has been released back to the system. This type of bug allows attackers to execute code, escalate privileges, cause app or system crashes, and leak sensitive data.

CVE-2026-2441 would allow "a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page." Essentially, this means malicious HTML content could run code inside a Chrome tab, extension, or plugin. As Malwarebytes explains, this is dangerous because attackers can see or modify whatever the isolated browser tab (sandbox) can access, allowing actions like credential harvesting and traffic rerouting—even if it cannot escape to impact the whole operating system.

Google said that this vulnerability has been exploited in the wild but hasn't provided any specific details as to how. The discovery has been attributed to Shaheen Fazim.

What Chrome users need to do

Google released a Stable channel update on Feb. 13 with a patch for this flaw. The latest versions of Chrome are 145.0.7632.75/76 for Windows and macOS and 144.0.7559.75 for Linux, so you'll want to ensure you are up to date. Go to the Chrome menu and select About Google Chrome to check which version you're on.

Chrome updates automatically when you close and reopen the browser, but if you don't do that regularly, keep an eye out for pending updates in the top-right corner of your browser window. Apply these updates immediately by tapping the three dots and selecting the first menu item. Chrome will need to restart to complete the update.


Source: Update Chrome ASAP to Patch This High-Severity Security Flaw