With some 3.5 billion users, Google’s Chrome web browser is far and away the most popular on the planet. Popular with users and, it has to be said, with hackers and cybercriminals looking to exploit that considerable user base. Thankfully, Google is always on the lookout for new vulnerabilities that might allow an attacker to compromise user data and even paid hackers $11.8 million in 2024 for doing just that. Now a security researcher has found a critical new vulnerability that requires all Chrome users to update as soon as possible. Here’s what you need to know and do.
ForbesNew Gmail And Microsoft 2FA Security WarningBy Davey Winder
Chrome Attackers Want Your Data
From remote access trojans employing drive-by download tactics, to AI-powered threats to your Chrome passwords, and hacker tools that can crack your browser wide open in 10 seconds flat, now is not the time to stop taking security seriously. If any further evidence of this is required, then look no further than the latest Google Chrome security bulletin, which has confirmed a critical vulnerability impacting all users of the browser across Android, Linux, Mac and Windows platforms.
In an April 15 statement, Google’s Prudhvi Kumar confirmed that two new security vulnerabilities impacting almost all Chrome browser users had been identified. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Bommana added.
ForbesDOGE Big Balls Ransomware Attack — What You Need To KnowBy Davey Winder
MORE FOR YOU
Trump Approval Rating Tracker: Majority Disapprove In Latest Poll As Americans Reject New Tariffs
Microsoft Warns Millions Of Windows Users—Do Not Update Your PC
Today’s NYT Mini Crossword Clues And Answers For Wednesday, April 16th
Chrome Vulnerabilities CVE-2025-3619 And CVE-2025-3620 Confirmed By Google
Allowing for the fact that Google doesn’t release too much information concerning newly discovered and patched security vulnerabilities, what do we know about the latest issues to impact Chrome users?
CVE-2025-3620 is a high-rated use after free vulnerability in Chrome’s USB functionality, while CVE-2025-3619 is a heap buffer overflow issue in Codecs and has been given the highest critical severity Common Vulnerabilities and Exposures rating.
CVE-2025-3620 is of most concern due to its critical rating, and if successfully exploited, could enable an attacker to execute arbitrary code and potentially open the door to system compromise.
ForbesMicrosoft’s New Windows Update — 1 Billion Users Warned: Do Not DeleteBy Davey Winder
Update Chrome Now
The Chrome browser is being updated to version 135.0.7049.95/.96 for Windows and Mac users, version 135.0.7049.95 for Linux users, and version 135.0.7049.100 for Android users. These updates will, Bommana said, “roll out over the coming days/weeks.”
I would urge you not to wait, as the threat actors certainly won’t be holding back if they can exploit these vulnerabilities before you have patched them. You can kickstart the update process by going to “About Google Chrome” from the help menu but remember to relaunch your browser after the download and installation are complete, or you will not be protected by the latest updates.
ForbesNo Reboot Updates Come To Windows 11 — But There’s A CatchBy Davey Winder
