Google has released an urgent Chrome update to fix a high-severity vulnerability that is actively being exploited.
The Stable channel is now updated to 145.0.7632.75/.76 for Windows and macOS, and 144.0.7559.75 for Linux. Desktop users should update immediately.
What’s the Problem?
The issue, tracked as CVE-2026-2441, is a “Use After Free” bug in Chrome’s CSS engine. This type of flaw happens when the browser tries to use memory that has already been released. Attackers can abuse this mistake to crash the browser or execute malicious code.
Google confirmed that an exploit exists in the wild. The vulnerability was reported by security researcher Shaheen Fazim on February 11, 2026, and patched shortly after.
Vulnerability Details
CVE ID: CVE-2026-2441
Severity: High
Component: CSS (Cascading Style Sheets)
Vulnerability Type: Use After Free
Impact: Potential Remote Code Execution
Reported By: Shaheen Fazim
Exploitation Status: Actively exploited
How Attackers Use It
An attacker can create a specially crafted webpage that triggers the memory error when opened in Chrome. If successful, this could allow code execution on the victim’s system and possibly escape browser protections.
Because it’s a zero-day under active exploitation, Google has limited technical disclosure until more users install the update.
What You Should Do
Do not wait for automatic updates.
Go to:
Chrome menu → Help → About Google Chrome
Force the browser to check for updates and restart after installation.
Enterprise administrators should prioritize patch deployment across all managed endpoints.
Leave A Comment