Google patches Chrome zero-day as in-the-wild exploits surface

Summary

Google has issued an emergency patch for a high-severity Chrome zero-day (CVE-2026-2441) after evidence of in-the-wild exploitation emerged. The flaw is a use-after-free vulnerability in Chrome’s CSS handling that can allow a malicious webpage to execute arbitrary code inside the browser sandbox.

Google released fixes in Chrome versions 145.0.7632.75 for Windows and Mac and 144.0.7559.75 for Linux; the company says updates will roll out over the coming days and weeks. Security researcher Shaheen Fazim reported the bug on 11 February and Google confirmed active exploitation two days later, but is withholding technical details until more users are patched.

The issue carries a CVSS score of 8.8. The patch comes amid a broader set of browser risks, including a recent discovery that hundreds of Chrome extensions were exfiltrating browsing histories to third parties.

Key Points

  • CVE-2026-2441 is a use-after-free bug in Chrome’s CSS processing that can enable code execution within the browser sandbox.
  • Google assigned the flaw a CVSS score of 8.8 and confirmed exploits exist in the wild.
  • Emergency updates: Chrome 145.0.7632.75 (Windows/Mac) and 144.0.7559.75 (Linux) have been released; rollouts will continue over days/weeks.
  • Researcher Shaheen Fazim reported the vulnerability on 11 February; Google acknowledged active exploitation on 13 February but is keeping details private to protect users.
  • This is part of a sustained trend: Google patched eight actively exploited Chrome zero-days in 2025, and extension-based data leaks remain a significant risk.

Why should I read this?

Heads up — if you use Chrome, update it now. This isn’t theoretical: attackers were already using the bug in the wild. The short version: dodgy webpages can run nasty code inside your browser unless you install the update. Quick, punchy and important.

Context and relevance

The patch highlights two ongoing security trends: first, browsers remain a prime target for zero-day exploitation because a single malicious page can compromise many users; second, the browser ecosystem itself (extensions, third-party integrations) continues to amplify risk. For security teams and everyday users alike, this means keeping browsers and extensions up to date and pruning unnecessary add-ons.

Organisations should prioritise deploying the updated Chrome builds, monitor for indicators of compromise, and review extension policies — especially given recent findings that hundreds of extensions were siphoning browsing histories to external recipients.
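As an added example (not from the original article), the sketch below audits a software inventory against the fixed builds named above, so hosts still running an older Chrome can be queued for update. The inventory rows, host names and platform labels are constructed for illustration; in practice they would come from your endpoint management export.

```python
# Fixed builds as stated in the article, keyed by platform label.
# The labels ("windows", "mac", "linux") are an assumption of this example.
FIXED_BUILDS = {
    "windows": (145, 0, 7632, 75),
    "mac": (145, 0, 7632, 75),
    "linux": (144, 0, 7559, 75),
}


def parse_version(text):
    """Parse a four-part Chrome version into a tuple of ints, or None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(platform, version_text):
    """Return 'patched', 'needs-update', 'unparseable' or 'unknown-platform'."""
    fixed = FIXED_BUILDS.get(platform.strip().lower())
    if fixed is None:
        return "unknown-platform"
    version = parse_version(version_text)
    if version is None:
        return "unparseable"
    # Tuple comparison is numeric per component, so 7632.100 > 7632.75.
    return "patched" if version >= fixed else "needs-update"


def audit(inventory):
    """Group host names by status so unpatched and unverifiable hosts stand out."""
    report = {}
    for host, platform, version_text in inventory:
        report.setdefault(classify(platform, version_text), []).append(host)
    return report


# Constructed sample inventory: (host, platform, reported Chrome version).
INVENTORY = [
    ("ws-001", "Windows", "145.0.7632.75"),
    ("ws-002", "Windows", "145.0.7632.46"),
    ("mb-010", "mac", "144.0.7559.75"),
    ("lx-020", "linux", "144.0.7559.75"),
    ("lx-021", "linux", "144.0.7559.9"),
    ("ws-003", "windows", "unknown"),
    ("cb-030", "chromeos", "145.0.7632.75"),
]

if __name__ == "__main__":
    for status, hosts in sorted(audit(INVENTORY).items()):
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as "unparseable" or "unknown-platform" should be checked manually, since their patch state cannot be confirmed from the inventory alone.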

Source

Source: https://www.theregister.com/2026/02/16/chromes_zeroday/