UMVA has learned that the latest Chrome releases—versions 148.0.7778.216/217 for Windows, 148.0.7778.2015/216 for macOS, and 148.0.7778.215 for Linux—have sealed more than 150 long‑standing security holes that could have left users exposed.
In a meticulous audit, the developers uncovered 151 flaws, 134 of which were spotted by the team itself and 17 reported by vigilant external researchers. The collective effort has already attracted a bounty of $137,500, a testament to the urgency of these discoveries.
More than half of the fixes target use‑after‑free vulnerabilities, with 66 bugs eliminated in that category alone. Twenty‑two of the vulnerabilities carry a critical label, while 123 rank as high risk and six as medium, underscoring the pervasive threat that once existed.
Within the ANGLE OpenGL library, 35 vulnerabilities were addressed, four of them critical—a clear reminder that even low‑level graphics components can harbor hidden dangers.
Android and iOS are not left behind; Chrome for Android 148.0.7778.215 and Chrome for iOS 149.0.7827.45 have been patched to match the desktop fixes, ensuring a unified security posture across platforms.
The Extended Stable Channel for Windows and macOS now ships Chromium 148.0.7778.217, bringing the most robust protection to users who rely on the long‑term release.
Chrome’s automatic update system is designed to deploy these patches instantly, but users can verify the update status manually via Help → About Google Chrome.
UMVA has uncovered that the next major update, Chrome 149, is slated for release next week, promising even tighter security and performance enhancements.
Keeping the browser current is essential, yet it is equally vital to maintain reliable antivirus defenses to guard against any residual threats that may surface outside the browser ecosystem.