Google’s Critical New Security Update For 3.5 Billion Chrome Users Is Here

With some 3.5 billion users, Google’s Chrome web browser is far and away the most popular on the planet. Popular with users and, it has to be said, with hackers and cybercriminals looking to exploit that considerable user base. Thankfully, Google is always on the lookout for new vulnerabilities that might allow an attacker to compromise user data and even paid hackers $11.8 million in 2024 for doing just that. Now a security researcher has found a critical new vulnerability that requires all Chrome users to update as soon as possible. Here’s what you need to know and do.

Chrome Attackers Want Your Data

From remote access trojans employing drive-by download tactics, to AI-powered threats to your Chrome passwords, and hacker tools that can crack your browser wide open in 10 seconds flat, now is not the time to stop taking security seriously. If any further evidence of this is required, then look no further than the latest Google Chrome security bulletin, which has confirmed a critical vulnerability impacting all users of the browser across Android, Linux, Mac and Windows platforms.

In an April 15 statement, Google’s Prudhvi Kumar confirmed that two new security vulnerabilities impacting almost all Chrome browser users had been identified. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Bommana added.

Chrome Vulnerabilities CVE-2025-3619 And CVE-2025-3620 Confirmed By Google

Allowing for the fact that Google doesn’t release too much information concerning newly discovered and patched security vulnerabilities, what do we know about the latest issues to impact Chrome users?

CVE-2025-3620 is a high-rated use after free vulnerability in Chrome’s USB functionality, while CVE-2025-3619 is a heap buffer overflow issue in Codecs and has been given the highest critical severity Common Vulnerabilities and Exposures rating.

CVE-2025-3620 is of most concern due to its critical rating, and if successfully exploited, could enable an attacker to execute arbitrary code and potentially open the door to system compromise.

Update Chrome Now

The Chrome browser is being updated to version 135.0.7049.95/.96 for Windows and Mac users, version 135.0.7049.95 for Linux users, and version 135.0.7049.100 for Android users. These updates will, Bommana said, “roll out over the coming days/weeks.”

I would urge you not to wait, as the threat actors certainly won’t be holding back if they can exploit these vulnerabilities before you have patched them. You can kickstart the update process by going to “About Google Chrome” from the help menu but remember to relaunch your browser after the download and installation are complete, or you will not be protected by the latest updates.

Source: Google’s Critical New Security Update For 3.5 Billion Chrome Users Is Here