
Google release second critical Chrome update in 48 hour period.
© 2025 Bloomberg Finance LP
Within the space of just 48 hours, Google has now issued two critical security updates for the world’s most popular browser. Not that so-called emergency updates are unusual in and of themselves, but these would usually only involve a single new vulnerability, and that would be one of the zero-day variety that is already known to be exploited by attackers in the wild. In the case of the highly unusual Chrome 150.0.7871.128/.129 update for Windows, Mac and Linux users, Google has not warned of ongoing attacks; there are seven vulnerabilities patched in total, three of them with a Common Vulnerability Scoring System severity rating of critical.
ForbesMicrosoft Warns 2 Zero-Days Already Exploited In Attacks: Update NowBy Davey Winder
Google Chrome 150.0.7871.128/.129 Critical Security Updates Explained
While the speed of this second Chrome security update is as surprising as it is unusual, that the three critical vulnerabilities confirmed as patched are of the use-after-free memory variety really isn’t. The Open Worldwide Application Security Project defines a use-after-free vulnerability, which I have explained in more detail here, as something that happens when a program references heap-allocated memory after it has already been freed or deleted, which can result in data corruption and even arbitrary code execution.The July 14 Chrome security update referenced six such issues, two of which were rated critical.
The July 16 update has now raised the stakes, highlighting three critical use-after-free vulnerabilities. Google’s technical program manager, Daniel Yip, described them as follows:
- CVE-2026-15899 impacts Chrome’s CameraCapture component.
- CVE-2026-15900 impacts the GPU.
- CVE-2026-15901 impacts the Chrome Network component.
All three are reported as being uncovered by Google itself, rather than external security researchers using the Google bug bounty program, which suggests that AI could have been involved once again and would help explain the speed at which new Chrome vulnerabilities are being found and, thankfully, patched.
Google has likely already rolled out this latest update to you; if you are asked to relaunch your browser, then it has. If not, you can use the three-dot Chrome menu to manually start the update search, download and installation process.

1 hour ago
1













English (US)