Windows Patching
The latest Windows Patching coverage — news, analysis, and updates from the WindowsNews.AI desk.
Google Chrome 150 Patches Skia Memory Leak—Update Now to Block Data Theft
Google released a desktop update for Chrome on June 30, 2026, fixing a medium-severity memory initialization flaw in the Skia graphics engine tracked as CVE-2026-13971. The vulnerability, present in...
Chrome 150 Update Patches Password UI Spoofing Flaw—Check Your Browser Now
Google pushed a stable channel update for Chrome on March 15, closing a medium-severity security hole that allowed an attacker to spoof the browser’s built-in password manager interface. The fix...
Google Patches Chrome TabStrip UI Spoofing Bug (CVE-2026-13984) – Windows Users Should Update Now
Google shipped an emergency update for Chrome on June 30, 2026, patching a medium-severity vulnerability that could allow remote attackers to spoof the browser’s tab strip and security indicators....
Google Fixes Chrome Vulnerability That Allowed Attackers to Spoof Web App Origins
Google disclosed on June 30, 2026, that it had patched a medium‑severity flaw in Chrome’s Web App Install interface, tracked as CVE‑2026‑13993. The bug could let a remote attacker craft a...
Chrome 150.0.7871.47 Fixes Medium-Severity StorageAccessAPI Cross-Origin Leak
On June 30, 2026, Google released a stable channel update for Chrome that includes a fix for CVE-2026-14021, a medium-severity vulnerability in the StorageAccessAPI. The flaw, which came to light...
Google Fixes Chrome SanitizerAPI Flaw That Allowed Attackers to Snoop Across Websites
Google released Chrome version 150.0.7871 with a fix for CVE-2026-14023, a vulnerability in the SanitizerAPI that an attacker could exploit to bypass same-origin restrictions. The company rated the...
Chrome 150.0.7871.47 Patches Navigation Bypass on Windows — Update Now to Block Remote Attacks
Google shipped an urgent but low-severity fix for Chrome on Windows and Mac on June 30, 2026. The update, version 150.0.7871.47, closes a single security hole—CVE-2026-14054—that let a remote...
Chrome 150.0.7871.47 Patches Low-Severity HTML Parsing Flaw That Could Enable Cross-Site Scripting
Google shipped Chrome 150.0.7871.47 to the stable channel for Windows and macOS on June 30, 2026, closing a low-severity universal cross-site scripting (UXSS) vulnerability now cataloged as...
Chrome 150 Patches CSS Side-Channel Flaw That Exposed Cross-Origin Data on Windows and Mac
Google shipped an urgent update for Chrome on Monday, closing a CSS-based side-channel vulnerability that could allow remote attackers to steal sensitive cross-origin data from embedded web pages....
Chrome 150 Fixes CVE-2026-14107: Why You Should Update Now Despite Its Low Severity Rating
On June 30, 2026, Google shipped Chrome 150 to the stable channel for Windows, macOS, and Linux, addressing a use-after-free vulnerability in Chromium’s Scheduling component. Though labeled...
Chrome 150 Emergency Update Closes Accessibility Backdoor to Cross-Site Data
Google shipped an urgent update for Chrome on Wednesday, version 150.0.7871.47, plugging a vulnerability that let attackers bypass the browser’s site isolation defenses if they first compromised a...
Microsoft Patches High-Severity RCE in Edge — Immediate Update Required
Microsoft has released an out-of-band security update for its Chromium-based Edge browser, addressing a high-severity remote code execution vulnerability tracked as CVE-2026-58294. The patch arrived...