Google has released security updates for Chrome that fix a high-risk vulnerability in the 143.x branch across all major desktop platforms.

The issue has been resolved in:

  • Chrome 143.0.7499.192 / 143.0.7499.193 for Windows and macOS
  • Chrome 143.0.7499.192 for Linux
  • Chrome 143.0.7499.193 for Android

According to Google, the vulnerability has not been observed being exploited in the wild at the time of disclosure.

Details of the vulnerability

In a brief post on the Chrome Releases blog, Google engineer Harry Souders confirmed that the flaw was reported by an external security researcher and classified as high risk.

The vulnerability is tracked as CVE-2026-0628 and affects the WebView component of Chromium. It is described as an issue caused by insufficient enforcement of security policies.

While Google did not publish technical specifics, this category of vulnerability typically refers to cases where security rules — such as origin checks or content isolation policies — are not consistently applied. This can allow content from untrusted or external sources to be loaded or processed in unintended ways.

The issue was reported to Google by Gal Weizman in late November 2025.

How to update Chrome

Chrome normally updates automatically in the background. Users can manually trigger an update check by opening the menu and selecting:

Help → About Google Chrome

Once the update is downloaded, restarting the browser completes the installation.

Extended Stable Channel and Android

The fix has also been applied to the Extended Stable Channel for Windows and macOS, which now includes Chromium 142.0.7499.265.

READ 👉  How To Backup Registry in Windows (2024)

Google has also released Chrome for Android 143.0.7499.193, which contains the same security fixes as the desktop versions.

Impact on other Chromium-based browsers

Vendors of other browsers based on Chromium are expected to integrate the fix in their own update cycles:

  • Microsoft Edge and Brave are currently based on Chromium 143 and will need to ship patched builds.
  • Vivaldi does not adopt odd-numbered Chromium versions such as 143 and instead uses the Extended Stable branch of the previous version. Its current release is based on Chromium 142, and it is expected to move to the updated Extended Stable build shortly.
  • Opera One 125, released in early December 2025, is still based on Chromium 141. The beta version of Opera 126 uses Chromium 142 and is likely to receive the fix before a stable release.

What’s next

Google plans to release Chrome 144 on January 13, 2026, which will become the next stable version and include all recent security fixes.

Summary

  • A high-risk vulnerability (CVE-2026-0628) in Chrome’s WebView component has been patched.
  • No active exploitation has been detected so far.
  • Users are strongly advised to update Chrome and any Chromium-based browsers as soon as the fix becomes available.
Did you enjoy this article? Feel free to share it on social media and subscribe to our newsletter so you never miss a post!

And if you'd like to go a step further in supporting us, you can treat us to a virtual coffee ☕️. Thank you for your support ❤️!
Buy Me a Coffee
⚠️ Legal Disclaimer: This website is an informational and educational tech blog. The content provided aims to help users better understand technologies, software, online tools, and digital practices.

We do not support or promote any form of piracy, copyright infringement, or illegal use of software, video content, or digital resources.

Any mention of third-party sites, tools, or platforms is purely for informational purposes. It is the responsibility of each reader to comply with the laws in their country, as well as the terms of use of the services mentioned.

We strongly encourage the use of legal, open-source, or official solutions in a responsible manner.
READ 👉  How to track the performance of your internet connection with Speedtest Tracker?

Categorized in:

CybersecuritySoftware