Chrome 140 Release Fixes Critical RCE Vulnerabilities

Google has announced the release of Chrome 140 to the stable channel for Windows, Mac, and Linux. This update will be distributed to users progressively over the coming days and weeks.
Technical Specifications and Security Fixes
The latest release, version 140.0.7339.80 for Linux and 140.0.7339.80/81 for Windows and Mac, includes several security enhancements and improvements. A comprehensive list of changes can be found in the Chromium log. Users of the Extended Stable Channel on Windows and Mac will receive version 140.0.7339.81.
Chrome 140 addresses six security vulnerabilities, three of which were reported by external researchers. Google lists the reward amounts for reported issues and details each fix:
- CVE-2025-9864: High severity, reported by Pavel Kuzmin (Yandex Security Team). This issue is a use-after-free vulnerability in Chrome’s V8 JavaScript engine.
- CVE-2025-9865: Medium severity, $5000 reward, reported by Khalil Zhani. This pertains to an inappropriate implementation in the Toolbar component.
- CVE-2025-9866: Medium severity, $4000 reward, reported by NDevTK. It involves the Extensions system.
- CVE-2025-9867: Medium severity, $1000 reward, reported by Farras Givari. This affects the Downloads component.
The most critical vulnerability, CVE-2025-9864, could allow attackers to execute malicious code remotely, potentially leading to data theft or system compromise. Google acknowledges Pavel Kuzmin of Yandex Security Team for reporting this issue on Fri, Jul 28, 2025.
In addition to external contributions, Google’s internal teams continue to enhance Chrome’s security through audits, fuzzing, and other initiatives. A combined internal fix, ID 442611697, addresses various vulnerabilities identified by tools like AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL.
Update Recommendations
Users are advised to update Chrome as soon as the new version becomes available on their devices. Extended Stable Channel users will find the update under “About Google Chrome.”
Regularly updating Chrome is crucial to maintaining protection against remote code execution and other potential threats. Ensure your browser is current to benefit from the latest security measures and improvements.
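A fleet check for the fixed builds named above, as an added example that is not from Google or the original article: it parses reported version strings and compares them numerically against 140.0.7339.80. The host names and inventory records are constructed, and the input format (the text printed by `google-chrome --version`, or a bare version string) is an assumption.

```python
import re

# Minimum fixed build per platform, from the versions stated in this article.
# Windows and Mac ship 140.0.7339.80/81, so .80 is the floor on every platform.
FIXED_BUILD = {
    "linux": (140, 0, 7339, 80),
    "windows": (140, 0, 7339, 80),
    "mac": (140, 0, 7339, 80),
}

# Chrome versions are four dot-separated integers: MAJOR.MINOR.BUILD.PATCH
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)\.(\d+)(?![\d.])")


def parse_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    match = VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def classify(platform, version_text):
    """Return 'patched', 'outdated' or 'unknown' for one inventory record."""
    floor = FIXED_BUILD.get(platform.lower())
    version = parse_version(version_text)
    if floor is None or version is None:
        return "unknown"  # never treat an unparsable record as patched
    # Tuple comparison is numeric per field; comparing the raw strings would
    # rank "140.0.7339.9" above "140.0.7339.80".
    return "patched" if version >= floor else "outdated"


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = [
    ("build-01", "linux", "Google Chrome 140.0.7339.80 "),
    ("ws-114", "windows", "140.0.7339.9"),
    ("mac-07", "mac", "140.0.7339.81"),
    ("kiosk-3", "linux", "version unavailable"),
]


def audit(inventory):
    """Map each host to its status."""
    return {host: classify(platform, text) for host, platform, text in inventory}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` need follow-up rather than being counted as patched, since a missing or unparsable version usually means the inventory agent failed.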















