By Click&Clean - Thursday, March 6, 2025. On March 4, Google released the third major update of 2025 for its widely popular Chrome web browser. The update is now available for upgrade on all major platforms, including Windows, macOS, Linux, Android, and iOS.
Most importantly, Chrome version 134 includes a total of 14 security fixes: 1 for a high-risk bug that could cause browser crashes, data leaks, or arbitrary code execution; 6 for medium-risk flaws; and 7 for low-risk vulnerabilities. Some of these security defects also impact other Chromium-based web browsers, such as Microsoft Edge, Opera, Brave, and Vivaldi.
Out of bounds read in V8 (CVE-2025-1914 Security severity: High) - The vulnerability arises from a boundary condition within the V8 component of Google Chrome. A remote attacker can deceive a victim into visiting a specially crafted malicious webpage, triggering an out-of-bounds read error and gaining access to sensitive information.
External Control of File Name or Path in Chrome's devtools (CVE-2025-1915 Security severity: Medium) - This security vulnerability exists due to improper restrictions on a pathname leading to a restricted directory in DevTools. A remote attacker can trick a victim into performing certain actions on a website, allowing them to overwrite arbitrary files on the system.
Use after free in Profiles (CVE-2025-1916 Security severity: Medium) - This security bug allows a remote cyber-attacker to exploit heap corruption by convincing a user to install a malicious extension and visit a specially crafted webpage, potentially gaining access to sensitive data.
Inappropriate Implementation in Browser UI (CVE-2025-1917 Security severity: Medium) - This security flaw allows a remote cyber-attacker to perform UI spoofing via a malicious webpage and gain access to sensitive information.
Out-of-bounds read in PDFium (CVE-2025-1918 Security severity: Medium) - This security vulnerability allows a remote cyber-attacker to potentially perform out-of-bounds memory access through a crafted malicious PDF file and gain access to sensitive information.
Out-of-bounds read in Media (CVE-2025-1919 Security severity: Medium) - This security bug allows a remote cyber-attacker to potentially perform out-of-bounds memory access through a specially crafted malicious HTML page.
Inappropriate Implementation in Media Stream (CVE-2025-1921 Security severity: Medium) - This security vulnerability allows a remote cyber-attacker to gather information about a peripheral using a specially crafted malicious webpage.
If you are using an outdated and insecure version of your web browser, we strongly recommend updating Chrome to the latest stable version to stay protected against potential cyberattacks and other security threats.
When you click the "Check and Update Chrome Now" button, you will be redirected to the "Browser Update Checker" page, where you can check for available updates. Once the security update is installed, the page will display the latest version of the Chrome web browser available at the time of writing:
• Chrome versions 134.0.6998.35 and 134.0.6998.36 on Windows
• Chrome versions 134.0.6998.44 and 134.0.6998.45 on Mac
• Chrome version 134.0.6998.35 on Linux
• Chrome version 134.0.6998.33 on iOS
• Chrome version 134.0.6998.39 on Android