Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities

4 weeks ago 16
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

Google and Mozilla on Tuesday announced the release of fresh security updates that patch several high-severity vulnerabilities in their popular browsers.

Google has released a Chrome 131 update that resolves four security defects, including a high-severity type confusion flaw in the V8 JavaScript engine reported by an external researcher.

Tracked as CVE-2025-0291, the externally reported issue earned the reporting researcher a $55,000 bug bounty reward, which suggests that an attacker could exploit it to execute arbitrary code remotely.

A category of memory safety bugs, type confusion defects in Chrome’s V8 engine could allow threat actors to leak sensitive information or fully compromise the victim’s system.

The latest Chrome iteration is now rolling out as versions 131.0.6778.264/.265 for Windows and macOS users, and as version 131.0.6778.264 for Linux users.

Mozilla on Tuesday announced patches for 11 vulnerabilities in Firefox, including three high-severity flaws, two of which are memory safety bugs that could potentially be exploited for remote code execution.

The third high-severity issue, tracked as CVE-2025-0244, is described as an address bar spoofing defect in Firefox for Android, which is triggered when redirecting to an invalid protocol scheme.

The remaining eight vulnerabilities resolved in the latest Firefox release are medium-severity issues that could lead to bypasses, address bar spoofing, elevation of privilege, crashes, and improper validation of certificates.

Advertisement. Scroll to continue reading.

On Tuesday, Mozilla also announced the rollout of Firefox ESR 115.19 and Firefox ESR 128.6, which contain patches for some of the vulnerabilities addressed in Firefox 134.

Neither Google nor Mozilla make any mention of any of these vulnerabilities being exploited in the wild, but users are advised to update their browsers as soon as possible.

Related: Chrome 131 Update Patches High-Severity Memory Safety Bugs

Related: Firefox 131 Update Patches Exploited Zero-Day Vulnerability

Related: Google Patches Critical Vulnerability With Chrome 99 Update

Related: Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 87 Update

Read Entire Article