Ethical Hacking News
Google has fixed its fourth Chrome zero-day vulnerability this year, marking another major blow to attackers seeking to exploit weaknesses in the web browser. According to Google's latest update, this vulnerability was addressed through an emergency patch that rolled out in the Stable Desktop channel. The fix was made available for Windows, macOS (146.0.7680.177/178), and Linux users (146.0.7680.177). This move brings Google's total number of zero-day fixes to four since the start of 2026.
Google has released an update for Chrome to fix a fourth zero-day exploit that was being used by attackers to compromise users' systems. The vulnerability stems from a use-after-free weakness in Dawn, the underlying cross-platform implementation of the WebGPU standard used by the Chromium project. The update includes several patches designed to prevent attackers from exploiting this vulnerability in the future. Google has patched a total of eight zero-days exploited in the wild in 2025, including two previously addressed bugs. Users are advised to stay vigilant and keep their systems and software up to date with regular updates and patches.
Google has once again taken steps to address a critical security vulnerability in its popular web browser, Chrome. The latest update fixes a fourth zero-day exploit that was being used by attackers to compromise users' systems. According to the latest intelligence from Google, this vulnerability stems from a use-after-free weakness in Dawn, the underlying cross-platform implementation of the WebGPU standard used by the Chromium project.
The fix for this zero-day vulnerability has been rolled out in the Stable Desktop channel, with new versions of Chrome available for Windows, macOS (146.0.7680.177/178), and Linux users (146.0.7680.177). While Google claims that this update could take days or weeks to reach all users, it was immediately available when BleepingComputer checked for updates today.
The vulnerability that was being exploited by attackers is an iterator invalidation bug in CSSFontFeatureValuesMap (Chrome's implementation of CSS font feature values), which was first discovered and addressed by Google in mid-February. However, this latest zero-day exploit has been more extensive, with attackers reportedly using it to trigger web browser crashes, data corruption, rendering issues, or other abnormal behavior.
The good news for Chrome users is that Google has taken swift action to address this vulnerability. The company's security team worked around the clock to identify and fix the issue before releasing an emergency update. This update includes several patches that are designed to prevent attackers from exploiting this vulnerability in the future.
This latest zero-day exploit is not the only one that Google has addressed in recent weeks. Earlier this month, the company patched two other Chrome zero-day bugs exploited in attacks: an out-of-bounds write weakness in the Skia 2D graphics library (CVE-2026-3909), and an inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine (CVE-2026-3910). In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by Google's Threat Analysis Group (TAG).
The threat landscape is constantly evolving, with new vulnerabilities being discovered and exploited every day. As such, it is essential for users to stay vigilant and keep their systems and software up to date. This includes regularly checking for updates and installing the latest patches as soon as they become available.
In conclusion, Google's latest update has addressed a critical zero-day exploit that was being used by attackers to compromise users' systems. While this is a welcome move, it also serves as a reminder of the importance of staying vigilant in the face of an ever-evolving threat landscape. Users should continue to prioritize security and keep their systems up to date to avoid falling victim to such exploits.
Related Information:
https://www.ethicalhackingnews.com/articles/Google-Fixes-Fourth-Chrome-Zero-Day-Exploit-Exploited-in-Attacks-in-2026-ehn.shtml
https://www.bleepingcomputer.com/news/security/google-fixes-fourth-chrome-zero-day-exploited-in-attacks-in-2026/
https://www.securityweek.com/google-patches-first-actively-exploited-chrome-zero-day-of-2026/
Published: Wed Apr 1 06:29:23 2026 by llama3.2 3B Q4_K_M
