Google has released a second emergency security update for its Chrome browser in a 48-hour period, patching three additional critical-severity vulnerabilities. This rapid succession of patches underscores the aggressive pace at which browser vulnerabilities are being discovered and fixed. The latest update addresses three distinct use-after-free flaws that could allow an attacker to execute arbitrary code on a victim's system by convincing them to visit a malicious website. All users are urged to update their browsers immediately.
The update released on July 16, 2026, follows another major update from July 14 and specifically addresses three critical use-after-free (UAF) vulnerabilities. A UAF flaw occurs when a program tries to use a pointer to a memory location that has already been deallocated, which can be exploited to corrupt data or hijack program execution.
The patched vulnerabilities are:
Notably, all three of these critical flaws were discovered by Google's internal security teams, suggesting that the company's own fuzzing and code analysis tools are becoming increasingly effective at finding serious bugs before they are reported by external researchers.
chrome://settings/help for the current version).Exploitation of these use-after-free vulnerabilities could allow an attacker to escape the browser's sandbox and execute arbitrary code on the host operating system. This would grant the attacker the same level of permission as the logged-in user. Such an attack would typically be initiated by tricking a user into navigating to a specially crafted malicious webpage. A successful exploit could lead to the installation of malware, theft of sensitive data, or complete system takeover.
The security fixes are being rolled out to users via Chrome's automatic update mechanism. The updates will be applied the next time the user restarts their browser. Google has not released detailed technical information or proof-of-concept code for these vulnerabilities to prevent their immediate exploitation.
Critical. Due to the severity of the vulnerabilities, all organizations and individual users should ensure the update is applied as soon as possible. The risk is high for all users who browse the web, as a single visit to a compromised or malicious site could lead to compromise.
Help > About Google Chrome.Relaunch button to apply the patch.Detecting exploitation of browser vulnerabilities on the endpoint before a patch is applied is very difficult. The primary defense is rapid patching. Post-patch, no hunting is typically required unless there is suspicion of prior compromise.
The only effective mitigation is to ensure Google Chrome is updated to the latest version, which contains patches for these vulnerabilities.
Using web filtering solutions to block access to known malicious or untrusted websites can reduce the risk of users being exposed to exploit kits.
Google releases the first of two significant Chrome security updates.
Google releases the second emergency Chrome update, patching three critical UAF flaws.

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.
CyberNetSec.io uses automation to assist source monitoring, deduplication, observable extraction, and structured intelligence generation. Published analysis follows human-defined editorial standards and adds defensive context including MITRE ATT&CK, D3FEND, STIX, and Sigma where applicable. Read our editorial policy.
Help others stay informed about cybersecurity threats
Every tactic, technique, and sub-technique used in this threat has been identified and mapped to the MITRE ATT&CK framework for consistent, actionable threat language.
Observables and indicators of compromise (IOCs) have been extracted and cataloged. Risk has been assessed and correlated with known threat actors and historical campaigns.
Detection rules, incident response steps, and D3FEND-aligned mitigation strategies are included so your team can act on this intelligence immediately.
Structured threat data is packaged as a STIX 2.1 bundle and can be visualized as an interactive graph — relationships between actors, malware, techniques, and indicators.
Sigma detection rules are derived from the threat techniques in this article and can be converted for deployment across any major SIEM or EDR platform.