Browser Security
The latest Browser Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Chrome users must update now: Critical CVE‑2026‑13774 allows takeover via extensions
Google has released an emergency update for its Chrome browser to patch a critical use‑after‑free vulnerability, catalogued as CVE‑2026‑13774, that could let a malicious browser extension...
Chrome Extension UI Flaw Gets Emergency CVE as CISA and NIST Rush Analysis
Google Chrome users have been put on alert after a critical vulnerability in the browser’s extension security interface received an official CVE identifier, triggering swift action from federal...
Chrome Extension Flaw Lets Attackers Bypass Site Isolation—Update Now
Chrome Extension Flaw Lets Attackers Bypass Site Isolation—Update Now Google has patched a medium-severity security flaw in Chrome’s extensions framework that could let a determined attacker slip...
Google Chrome Cast Receiver Flaw Lets Attackers Hijack Browsers, Patch Issued
Google has rushed out a fix for a dangerous use-after-free vulnerability in Chrome’s Cast Receiver component. The flaw, tracked as CVE-2026-13898, affects all Chrome versions before 150.0.7871.47...
Chrome 150 Squashes Network Bug That Lets Attackers Outmaneuver Navigation Rules
Google released a surprise security update for Chrome on June 30, 2026, patching a flaw that could allow a network-based attacker to bypass the browser’s navigation policies. Tracked as...
Chrome 150 Patches High-Severity UI Vulnerability — Update Windows Now
Google shipped an emergency update for Chrome on June 30, 2026, fixing a high-severity use-after-free bug in the browser’s Views UI framework. The patch, version 150.0.7871.47 for Windows and Mac,...
Urgent Chrome 150 Update Patches Critical Use-After-Free Flaw in Windows UI
Google released Chrome 150 to the stable channel on June 30, 2026, with an urgent fix for CVE-2026-13784, a critical use-after-free vulnerability in the browser’s Views UI framework. The flaw could...
Urgent Edge Update Fixes Autofill Vulnerability That Could Allow Remote Code Execution
On July 3, 2026, Microsoft rushed out a fix for a critical security hole in its Edge browser that could allow attackers to take control of a Windows PC with nothing more than a malicious website and...
Microsoft Ships Urgent Edge Patch to Close Spoofing Hole That Could Trick Users into Trusting Malicious Sites
Microsoft pushed a security patch this week to fix a spoofing vulnerability in Edge that could let attackers impersonate trusted websites, disable security warnings, and trick users into handing over...
Microsoft Fixes Edge Spoofing Bug CVE-2026-58282 That Can Mask Malicious Sites
A newly disclosed vulnerability in Microsoft Edge, tracked as CVE-2026-58282, allows attackers to spoof the browser’s address bar and make malicious websites appear legitimate. Microsoft published...
CVE-2026-57992: Edge Update Fixes Critical RCE Flaw—And a Dangerous Patch Gap
Microsoft shipped an emergency update for Edge Stable on July 2 that patches a remote code execution vulnerability—tracked as CVE-2026-57992—that attackers could exploit simply by luring a victim...
A Single Webpage Can Hijack Your PC: Patch Edge 150.0.4078.48 Right Now
{ "title": "A Single Webpage Can Hijack Your PC: Patch Edge 150.0.4078.48 Right Now", "content": "A solitary visit to a booby-trapped website could hand attackers complete control over your...