|

Web mail Webmail Login


0
  • No products in the cart.
Total:$0.00
Google Patches Two Chrome Zero-Days Actively Exploited in the Wild - Compudent Systems
Information Technology Solutions for Dentists and the Dental Industry. Serving the GTA and Southern Ontario.
Dental I/T, Dental Information Technology, Network Security, Toronto, GTA, Dental, Network, I/T, Information Technology, Computer, Data, Abeldent, Dentrix, LiveDDM, Patterson Dental, Henry Schein, K-Dental, Sinclair Dental, Schick CDR, Dexis, Carestream, Carestream Dental, Digital Radiography, X-ray, Dental X-ray, Dental Software Support, Software
16954
bp-nouveau,wp-singular,post-template-default,single,single-post,postid-16954,single-format-standard,wp-theme-bridge,wp-child-theme-bridge-child,theme-bridge,woocommerce-no-js,ajax_fade,page_not_loaded,,columns-4,qode-child-theme-ver-1.0.0,qode-theme-ver-10.0,wpb-js-composer js-comp-ver-4.12,vc_responsive

Google Patches Two Chrome Zero-Days Actively Exploited in the Wild

13 Mar Google Patches Two Chrome Zero-Days Actively Exploited in the Wild

Posted at 10:48h in News by

Google has released emergency security updates for Chrome to address two high-severity zero-day vulnerabilities that are being actively exploited by attackers. Both flaws affect critical browser components and allow remote code execution through specially crafted web pages.

Critical Vulnerabilities Discovered

The security flaws, designated as CVE-2026-3909 and CVE-2026-3910, both carry CVSS scores of 8.8 and were discovered internally by Google’s security team on March 10, 2026. According to Google’s advisory, both vulnerabilities are confirmed to be exploited in the wild, making immediate updates crucial for all Chrome users.

Zero-day vulnerability exploitation concept

Technical Details

CVE-2026-3909 represents an out-of-bounds write vulnerability in Chrome’s Skia 2D graphics library. This flaw enables remote attackers to perform out-of-bounds memory access via crafted HTML pages, potentially leading to system compromise.

CVE-2026-3910 involves an inappropriate implementation issue in the V8 JavaScript and WebAssembly engine. Attackers can exploit this vulnerability to execute arbitrary code within Chrome’s sandbox through malicious web content.

Immediate Action Required

Chrome users must update their browsers immediately to versions 146.0.7680.75/76 for Windows and macOS, or 146.0.7680.75 for Linux. The update process is straightforward: navigate to Chrome’s menu, select “Help,” then “About Google Chrome,” and click “Relaunch” when prompted.

Browser security update notification

Growing Zero-Day Threat

This incident marks the third actively exploited Chrome zero-day vulnerability patched by Google since the beginning of 2026. The previous vulnerability, CVE-2026-2441, was a use-after-free bug in Chrome’s CSS component that was also being exploited in the wild.

The rapid succession of zero-day discoveries highlights the evolving threat landscape and the importance of maintaining up-to-date browser security. Organizations and individuals using Chrome for business operations should prioritize these updates to prevent potential data breaches and system compromises.

Impact on Dental Practices

For dental practices relying on web-based practice management systems, patient portal access, and cloud-based imaging solutions, these vulnerabilities pose significant security risks. Compromised browsers could potentially expose patient data, financial information, and system credentials.

Compudent Systems recommends that all dental practices immediately verify Chrome updates across all workstations and implement automated update policies where possible. Additionally, practices should consider reviewing their web security protocols and ensuring staff are aware of the importance of browser security.

Additional Browser Protection

Users of other Chromium-based browsers including Microsoft Edge, Brave, Opera, and Vivaldi should also apply security updates as they become available. These browsers often incorporate Chrome’s security fixes, though timing may vary by vendor.

As cyber threats continue to evolve, maintaining current browser versions remains one of the most effective defenses against web-based attacks. Organizations should establish regular update schedules and monitor security advisories to stay protected against emerging threats.

Tags:
, , , ,


Contact us today - How can we help you?