- This $200 Android is the only smartphone at CES that you should care about
- CES 2025: The 15 most impressive products you don't want to miss
- 베스핀글로벌 한국 법인, 2024년 흑자 전환 성공
- I tried smart glasses with built-in hearing aids - and they worked surprisingly well at CES
- Best laptops of CES 2025: These 5 Windows PCs left the biggest mark on the show floor
Update Chrome and Firefox now to patch these critical security flaws
Whether you use Chrome, Firefox, or both, it’s time once again to update the browser to stay safe and secure while surfing the web. Released on Tuesday, the latest round of bug fixes for both programs resolves a number of nasty security flaws.
Also: The best secure browsers for privacy
Chrome users
Chrome users will want to update the browser to version 31.0.6778.264/265 for Windows and Mac and version 131.0.6778.264 for Linux. This update includes fixes for four security vulnerabilities.
The only flaw on the list that Google described is one for which the company paid $55,000 to the security researcher who discovered and reported it, a sign that it is critical. Known as CVE-2025-0291, this vulnerability cites a Type Confusion in Chrome’s V8 JavaScript engine. This kind of flaw could allow someone to remotely run malicious code through a specially crafted HTML page or even launch a Denial of Service attack on your computer.
Also: How a Chrome extension malware scare ruined my day
In squashing the other bugs, Google pointed to fixes based on internal audits, a software testing technique known as fuzzing, and other initiatives. The company said that many security flaws are found using such tools and techniques as AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
Firefox users
On the Firefox front, version 134 of Mozilla’s browser includes fixes for 11 security vulnerabilities, three of which are rated high and the rest as moderate.
One high-severity flaw known as CVE-2025-0244 affects Firefox on Android devices. The description for this one says that an attacker could spoof the browser’s address bar by redirecting the request to an invalid protocol, thereby directing you to a phony URL.
Also: How to protect yourself from phishing attacks in Chrome and Firefox
The other two severe vulnerabilities affect both Firefox and Mozilla’s Thunderbird email client. Dubbed CVE-2025-0242 and CVE-2025-0247, respectively, these were both described by Google as memory safety bugs that showed evidence of memory corruption. Such bugs could allow a remote attacker to read or write code beyond the usual regions of memory. “We presume that with enough effort some of these could have been exploited to run arbitrary code,” Google added.
With these critical security flaws in mind, you’ll want to update the browsers ASAP.
How to update your browser
To update Chrome on the desktop, click the three-dot icon at the top, move to Help, and then click About Google Chrome. The browser will automatically install the latest update and then prompt you to relaunch it.
To update Firefox on the desktop, click the three-lined hamburger icon at the top, select Help, and then click About Firefox. As with Chrome, Firefox will automatically run the latest update and then prompt you to restart it.
To update Firefox on an Android device, open the Play Store app, tap your profile icon in the upper right, and then select the setting for Manage apps & device. Allow the device to check for updates and then tap the link for Update All to update all your apps.
