Chrome 130’s first patch fixes three high-risk security flaws

Yesterday, Google released updates to Chrome 130 for Windows, macOS, and Linux, fixing three security vulnerabilities in the browser that haven’t yet been exploited in the wild. The companies behind other Chromium-based browsers are likely to follow suit soon.

In the Chrome Releases blog post, Daniel Yip lists the three eliminated security vulnerabilities, all of which were discovered by external security researchers and reported to Google.

Google categorizes all three vulnerabilities as high risk. Two of them involve “type confusion in the V8 JavaScript engine” while the third involves an “inappropriate implementation in extensions.”

This security update comes on the heels of last week’s Chrome 130 release, which patched 17 security vulnerabilities. Google plans to release Chrome 131 in mid-November.

Chrome usually updates itself automatically when a new version is available, but you can trigger a manual update check by going to Help > About Google Chrome in the three-dot menu.

Other Chromium-based browsers

The companies behind other Chromium-based browsers should be releasing their own updates soon. Only Microsoft Edge and Brave have already switched to Chromium 130. Vivaldi is still finalizing its 7.0 browser release, which will be based on Chromium 130.

Unlike the rest, Opera is far from ready as Opera 114 is still on Chromium 138, Opera 115 based on Chromium 129 is still in testing, and Opera 116 lagging behind that.

Further reading: The best browsers for security, privacy, and features