You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
chrome updater
About this tag
The chrome updater tag covers discussions about Google Chrome's update mechanism on Windows, including security vulnerabilities and patching. Recent content highlights CVE-2026-7990, a local privilege escalation flaw in the Chrome updater fixed in Chrome 148.0.7778.96. This vulnerability is Windows-specific and underscores that the updater component can be an attack surface requiring attention from Windows administrators. Topics include inventorying affected systems, applying patches, and understanding the security implications of Chrome's update process on Windows platforms.
Google fixed CVE-2026-13800 on June 30, 2026, in Chrome 150.0.7871.47 for Windows, closing a high-severity Updater flaw that could let a local attacker escalate to operating-system privileges by using a malicious file on vulnerable Chrome installations. The short version is simple: this is not a...
Google Chrome for Windows before version 150.0.7871.47 is affected by CVE-2026-14018, a use-after-free flaw in the Chrome Updater that Google says can let a local attacker escalate privileges at the operating-system level by using a malicious file. The vulnerability landed in the National...
Google Chrome for Windows before version 150.0.7871.47 is affected by CVE-2026-13844, a high-severity use-after-free flaw in the Chrome Updater that could let a local attacker escalate to operating-system privileges through a malicious file. The uncomfortable part is not simply that Chrome had...
Google published CVE-2026-7990 on May 6, 2026 for a Windows-only Chrome Updater flaw fixed in Chrome 148.0.7778.96, and NVD’s initial configuration models it as Google Chrome before that version running on Microsoft Windows. That is probably not a missing CPE so much as an awkward but defensible...