Google Releases Chrome 132 Stable Version: Addresses Multiple High-Risk Vulnerabilities Enabling Remote Attacks
Google Releases Chrome 132 Stable Version: Addresses Multiple High-Risk Vulnerabilities Enabling Remote Attacks
- Why Enterprise RAID Rebuilding Succeeds Where Consumer Arrays Fail?
- Linus Torvalds Rejects MMC Subsystem Updates for Linux 7.0: “Complete Garbage”
- The Man Who Maintained Sudo for 30 Years Now Struggles to Fund the Work That Powers Millions of Servers
- How Close Are Quantum Computers to Breaking RSA-2048?
- Why Windows 10 Users Are Flocking to Zorin OS 18 Instead of Linux Mint?
- How to Prevent Ransomware Infection Risks?
- What is the best alternative to Microsoft Office?
Google Releases Chrome 132 Stable Version: Addresses Multiple High-Risk Vulnerabilities Enabling Remote Attacks
On January 15, Google officially announced the release of Chrome 132 for its stable channel, providing critical security updates and feature enhancements for Windows, macOS, and Linux users.
This new version, identified as 132.0.6834.83/84, will be gradually rolled out over the coming days and weeks. Among the updates are fixes for 16 security vulnerabilities, including several high-risk issues that could allow remote code execution (RCE).
Highlighted Fixes for Critical Security Issues
Chrome 132 addresses vulnerabilities across various browser components, with five being particularly severe:
-
CVE-2025-0434: A memory out-of-bounds access vulnerability in Chrome’s V8 JavaScript engine. Exploitation could lead to browser crashes or remote code execution.
-
CVE-2025-0435: Flaws in the navigation functionality resulting in unexpected behavior or potential data leaks.
-
CVE-2025-0436: An integer overflow vulnerability in Chrome’s Skia graphics engine that could be exploited for malicious purposes.
-
CVE-2025-0437: An out-of-bounds read vulnerability in the Metrics component, which might result in sensitive data exposure.
-
CVE-2025-0438: A stack buffer overflow vulnerability in the Tracing component, which could allow attackers to perform remote code execution.
In addition to the critical issues listed above, medium- and low-severity vulnerabilities were addressed across various components, such as Frames, Fullscreen, Payments, Extensions, and Compositing. These involve problems like race conditions, insufficient data validation, and improper implementation.
Rewards for External Security Researchers
Google acknowledged and rewarded external researchers who reported these vulnerabilities, offering bug bounties ranging from $1,000 to $7,000:
- CVE-2025-0434 (V8 memory access vulnerability) and CVE-2025-0435 (navigation functionality flaw) garnered $7,000 each.
- CVE-2025-0436 (Skia integer overflow vulnerability) resulted in a $3,000 reward.
Strong Recommendation to Update
Some of these vulnerabilities could potentially be exploited to execute malicious code remotely or steal user data. Although no active exploitation has been observed in the wild so far, Google strongly recommends users update Chrome to version 132.0.6834.83/84 immediately to minimize the risk.
Other Improvements in Chrome 132
Along with the security fixes, Chrome 132 includes performance optimizations and groundwork for upcoming features. Google plans to elaborate on these new features in future blog posts.
Make sure to update your browser as soon as possible to enjoy improved security and performance while staying ahead of potential threats.
