Browser Security
The latest Browser Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Update Now: Microsoft Edge 150.0.4078.48 Closes Critical RCE That Could Let Attackers Hijack Your PC
Microsoft on July 3 disclosed a critical remote code execution vulnerability in its Chromium-based Edge browser, assigning it CVE-2026-58285 and releasing an emergency patch. Every Edge version prior...
Microsoft Edge Spoofing Flaw Lets Attackers Mask Malicious Sites—Here’s the Fix
Microsoft has disclosed a new spoofing vulnerability in its Edge browser that could let attackers disguise phishing websites as legitimate ones, the company warned in a security update released this...
CVE-2026-13954: Chrome for Android’s Memory Leak Risk Fixed – Update Now
Google has pushed out a fix for a medium-severity vulnerability in Chrome for Android that could let a remote attacker read potentially sensitive information from the browser’s process memory. The...
High-Severity Edge Flaw Lets Attackers Run Malicious Code—Patch Available
Microsoft released a critical security update for its Chromium-based Edge browser on Thursday, addressing a remote code execution vulnerability that could allow attackers to take over a system simply...
Critical Edge RCE Exploited via Malicious Websites: Why 'Network' Doesn't Mean Worms
Microsoft has disclosed a critical remote code execution vulnerability in its Edge browser that can be triggered simply by visiting a specially crafted website—no additional user interaction beyond...
Google Fixes Chrome 150 Network Flaw That Opens Door to Script Injection on Windows
Google released a security update for Chrome on June 30, 2026, patching a vulnerability that could let attackers inject malicious scripts into any website open in the browser. The flaw, tracked as...
Chrome Security Update Closes FileSystem Bypass That Could Expose User Files
Google has released Chrome 150.0.7871.47 for Windows and Mac, patching a low-severity vulnerability that could have allowed a remote attacker to circumvent file system security restrictions. The...
Chrome 150 Patches Low-Severity Same-Origin Bypass — Here’s Why You Should Still Update Now
Google rolled out Chrome 150.0.7871.47 to the stable channel on June 30, 2026, closing a same-origin policy loophole that could let a remote attacker sidestep one of the web’s most fundamental...
Google Fixes Low-Severity Chrome for Android Flaw Allowing TabSwitcher Navigation Bypass
Google disclosed a low-severity vulnerability in Chrome for Android on June 30, 2026, that could let an attacker manipulate the browser’s tab-switching interface. The company says it resolved the...
Chrome for Android's Canvas Memory Leak Puts Your Data at Risk: Update to Version 150 Now
A critical information-disclosure vulnerability in Chrome for Android, tracked as CVE-2026-14088, was published by the National Vulnerability Database (NVD) on June 30, 2026, and could allow...
Update Chrome Now: High-Severity DevTools Bug Enables Remote Attacks via Web Pages
Google rolled out an emergency fix on June 30, 2026, for a dangerous use-after-free flaw in Chrome’s DevTools component that could let a remote attacker hijack your browser just by luring you to a...
Google Ships Emergency Chrome Update to Stop CSS-Based Data Theft
Google disclosed a high-severity flaw in Chrome on June 30, 2026, that made it possible for hackers to bypass the browser’s same-origin policy and read sensitive data from other websites using...