The Chrome 140 update is now live, bringing a set of security patches to Google’s browser on desktop and mobile devices. Versions 140.0.7339.80/81 for Windows and macOS and 140.0.7339.80 for Linux address multiple vulnerabilities, though Google reports that none of them have yet been exploited in active attacks. Still, the company recommends updating as soon as possible, since one of the flaws patched in this release is marked as high severity. Chromium-based browsers like Edge, Brave, and Vivaldi will also need to issue updates to incorporate the fixes.
According to Google’s Chrome Releases blog, six vulnerabilities were addressed in this round, four of which were found by external security researchers. The most critical of these is CVE-2025-9864, a use-after-free issue in the V8 JavaScript engine, which can pose serious risks if left unpatched. The other externally reported flaws—CVE-2025-9865, CVE-2025-9866, and CVE-2025-9867—are considered medium severity. As is standard practice, Google withheld details about two additional internally discovered vulnerabilities to prevent malicious actors from exploiting them before users have had time to update.
Users generally receive Chrome updates automatically, but a manual update can be triggered via the browser’s Help > About Google Chrome menu. The same set of patches has been applied across mobile versions, with Chrome for Android moving to version 140.0.7339.35 and Chrome for iOS to version 140.0.7339.95. Enterprise users on the Extended Stable Channel also gain the protections through version 140.0.7339.81 on Windows and macOS, ensuring a consistent rollout across different usage scenarios.
This release is focused exclusively on security, with no new features introduced for end users. Google confirmed that Chrome 141 is on track for release in early October. Until then, the spotlight shifts to other Chromium-based browsers, which must now adopt the same patches. Microsoft Edge, Brave, and Vivaldi remain on outdated builds for the moment, while Opera continues to lag significantly—its current version 121 is still tied to Chromium 137, which has been unsupported since June. That prolonged delay leaves Opera users particularly exposed, underscoring how reliance on timely updates is essential for keeping browsers secure.