Google and Mozilla released security updates for Chrome and Firefox to fix multiple memory-safety vulnerabilities, with Chrome 147 addressing 30 issues including four critical use-after-free flaws and Firefox 150.0.1 resolving several critical and high-severity memory bugs. Both vendors patched CVEs affecting components like Canvas, GPU, Accessibility, Views, and Audio/Video, and Google paid $30,000 in bug bounties for some fixes. #Chrome147 #Firefox150
Keypoints
- Chrome 147 delivers 30 security fixes, including four critical use-after-free vulnerabilities.
- Most of the remaining Chrome fixes are memory-safety bugs, with 16 high-severity use-after-free issues and other out-of-bounds and type confusion flaws.
- Google awarded $30,000 in bug bounties for resolved defects, paying $16,000 for a GPU use-after-free bug.
- Firefox 150.0.1 patches four security defects (including CVE-2026-7322/7323/7324/7320), covering critical memory corruption and an Audio/Video information disclosure, with fixes also in ESR releases.
- Users should update to Chrome 147.0.7727.137/138 (Windows/macOS) or 147.0.7727.137 (Linux), and to Firefox 150.0.1 or the updated ESR builds.
Read More: https://www.securityweek.com/chrome-147-firefox-150-security-updates-rolling-out/