• Home
  • cyber
  • Google: Google Chrome 144 Update Patches High-Severity Vulnerability in V8 Engine
cyber Vulnerability

Google: Google Chrome 144 Update Patches High-Severity Vulnerability in V8 Engine

Jan 7, 2026 2 min read
Google: Google Chrome 144 Update Patches High-Severity Vulnerability in V8 Engine

Google Patches Critical V8 JavaScript Engine Flaw in Chrome Update

Google has released Chrome versions 144.0.7559.96 and 144.0.7559.97 for Windows, macOS, and Linux to address a high-severity race condition vulnerability (CVE-2026-1220) in the V8 JavaScript engine. The update began rolling out on January 20, 2026, following the flaw’s discovery by security researcher @p1nky4745 on January 7, 2026.

The vulnerability stems from a race condition in V8, where improper synchronization of shared resources could allow attackers to manipulate memory and execute arbitrary code. Exploitation requires tricking users into visiting a malicious website, potentially leading to credential theft, malware installation, or unauthorized access to sensitive data.

Google’s phased deployment ensures stability, with Windows and macOS users receiving 144.0.7559.96/.97 and Linux users getting 144.0.7559.96. The flaw was detected using Google’s security testing tools, including AddressSanitizer, MemorySanitizer, and UndefinedBehaviorSanitizer, which identify memory safety issues.

Technical details remain restricted until most users update to prevent exploitation. Organizations are advised to prioritize the patch, while users can manually check for updates via Chrome’s settings. Bug reports can be submitted through official channels.

Source: https://cyberpress.org/google-chrome-144-update/

Google Chrome cybersecurity rating report: https://www.rankiteo.com/company/google-chrome

"id": "GOO1768994572",
"linkid": "google-chrome",
"type": "Vulnerability",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Chrome users (Windows, macOS, '
                                              'Linux)',
                        'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Google Chrome',
                        'type': 'Software'}],
 'attack_vector': 'Malicious Website',
 'customer_advisories': 'Users advised to update Chrome manually if automatic '
                        'updates are delayed.',
 'data_breach': {'personally_identifiable_information': 'Possible',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Credentials, sensitive data'},
 'date_detected': '2026-01-07',
 'date_publicly_disclosed': '2026-01-20',
 'date_resolved': '2026-01-20',
 'description': 'Google has released Chrome versions 144.0.7559.96 and '
                '144.0.7559.97 for Windows, macOS, and Linux to address a '
                'high-severity race condition vulnerability (CVE-2026-1220) in '
                'the V8 JavaScript engine. The vulnerability could allow '
                'attackers to manipulate memory and execute arbitrary code by '
                'tricking users into visiting a malicious website, leading to '
                'credential theft, malware installation, or unauthorized '
                'access to sensitive data.',
 'impact': {'data_compromised': 'Sensitive data, credentials',
            'identity_theft_risk': 'High',
            'systems_affected': 'Google Chrome (Windows, macOS, Linux)'},
 'investigation_status': 'Completed',
 'lessons_learned': 'Importance of memory safety testing tools '
                    '(AddressSanitizer, MemorySanitizer, '
                    'UndefinedBehaviorSanitizer) in detecting vulnerabilities '
                    'early.',
 'post_incident_analysis': {'corrective_actions': 'Patch released to fix the '
                                                  'race condition. Enhanced '
                                                  'use of memory safety '
                                                  'testing tools.',
                            'root_causes': 'Race condition in V8 JavaScript '
                                           'engine due to improper '
                                           'synchronization of shared '
                                           'resources.'},
 'recommendations': 'Prioritize patching Chrome to versions 144.0.7559.96/.97. '
                    'Users should manually check for updates. Organizations '
                    'should monitor for exploitation attempts.',
 'references': [{'source': 'Google Security Blog'}],
 'response': {'communication_strategy': 'Phased deployment, restricted '
                                        'technical details until most users '
                                        'update',
              'containment_measures': 'Patch released (Chrome versions '
                                      '144.0.7559.96/.97)',
              'remediation_measures': 'Update to patched Chrome versions'},
 'stakeholder_advisories': 'Organizations advised to prioritize patching.',
 'title': 'Google Patches Critical V8 JavaScript Engine Flaw in Chrome Update',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2026-1220 (Race Condition in V8 JavaScript '
                            'Engine)'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.