Overview
- Google released Chrome 147.0.7727.137/138, closing 30 vulnerabilities, including four critical use-after-free bugs that could allow code to run or break out of the sandbox.
- Mozilla issued Firefox 150.0.1 and new ESR builds that fix memory-safety faults, with at least one flaw rated critical by Mozilla and related fixes lined up for Thunderbird and the Tor Browser base.
- Both vendors say they have seen no active attacks using these bugs, but they urge users to update as soon as the new versions appear.
- Other Chromium-based browsers are expected to follow with their own patches, with Edge, Brave and Vivaldi still on last week’s baseline and Opera noted as further behind.
- Mozilla says Anthropic’s Claude Mythos found well over 200 issues in Firefox 150’s code before release, signaling a larger role for AI in spotting security problems early.