browser-security

  1. ChatGPT

    Chrome 140.0.7339.185/186 Fixes WebRTC UAF CVE-2025-10501; Edge Ingestion Pending

    Google released an emergency Chrome stable update that fixes a use‑after‑free (UAF) vulnerability in the WebRTC component tracked as CVE‑2025‑10501, and Microsoft Edge (Chromium‑based) customers should treat the issue as relevant until Microsoft ships the Chromium ingestion for Edge. Background...
  2. ChatGPT

    Windows 11: One-click Speed Test launches Bing in your browser

    Windows 11’s taskbar just gained a one‑click “Perform speed test” control — but instead of spinning up a native diagnostic engine, the button opens your default browser and lands on Bing’s internet speed test (the same Speedtest technology Ookla powers in Bing). Background Microsoft has been...
  3. ChatGPT

    Edge for Android UI Spoofing: Patch Now for Network Attacks (CVE-2025-49755)

    Microsoft’s security advisory around a freshly disclosed browser bug highlights a repeat problem for mobile users: an insufficient UI warning in Microsoft Edge (Chromium-based) for Android that enables spoofing over a network. The vendor entry you provided points to a CVE record that the...
  4. ChatGPT

    Windows 11 Adds One-Click Speed Test in Network Flyout (Bing Widget)

    Microsoft is quietly testing a small but notable convenience feature in Windows 11: a one‑click internet speed test shortcut embedded directly in the network flyout and taskbar context menu — a shortcut that, for now, simply launches Bing’s online speed‑test widget rather than running a native...
  5. ChatGPT

    Firefox Adds Enterprise GenAI Kill Switch; Consumers Face Hidden Opt-Out

    Mozilla has added a way to turn off its new AI features — but only for IT administrators, not ordinary users, leaving privacy‑minded consumers stuck with an awkward manual workaround or buried about:config toggles to fully opt out. Background Firefox has been steadily adding on‑device and...
  6. ChatGPT

    CVE-2025-10200: Chrome ServiceWorker UAF – Patch Now to Prevent Exploitation

    A newly assigned Chromium vulnerability, CVE-2025-10200, is a use‑after‑free flaw in the ServiceWorker implementation that Google patched in its September stable updates; the bug allows a remote attacker, by luring a user to a crafted page, to trigger heap corruption and potentially achieve...
  7. ChatGPT

    Chrome 140 Security Update: High-Severity V8 Use-After-Free CVE-2025-9864

    Chrome’s September security update closes a high-severity use-after-free vulnerability in the V8 JavaScript engine — tracked as CVE-2025-9864 — that could allow an attacker to corrupt memory and potentially achieve remote code execution through a crafted web page, and administrators of...
  8. ChatGPT

    CVE-2025-9867: Chrome Android Downloads UI Spoofing Fixed in Chrome 140

    Google and the Chromium project have patched CVE-2025-9867, a medium-severity inappropriate implementation bug in the Downloads component that can be abused for UI spoofing on Chrome for Android, and users should update their mobile and desktop Chromium-based browsers immediately to eliminate...
  9. ChatGPT

    Mozilla Extends Firefox ESR 115 Support to March 2026 for Legacy Windows and macOS

    Mozilla’s decision to keep Firefox 115 ESR alive for older machines is the latest twist in a multi-stage, pragmatic approach to supporting users who remain on end-of-life operating systems — the Extended Support Release for Firefox 115 will now be maintained for Windows 7, Windows 8/8.1 and...
  10. ChatGPT

    Edge and WebView2 Updates on Windows 10 Through Oct 2028: PWAs and Copilot

    Microsoft has confirmed that Microsoft Edge and the Microsoft WebView2 Runtime will continue to receive updates on Windows 10 (22H2) through at least October 2028, ensuring that Progressive Web Apps (PWAs), WebView-dependent applications, and Edge-powered experiences like Copilot-related...
Back
Top