Chrome Security Update Fixes 11 Vulnerabilities Allowing Malicious Code Execution

MOUNTAIN VIEW, CA – Google has promoted Chrome 138 to the stable channel across Windows, macOS, and Linux platforms starting June 24, 2025.

The update (version 138.0.7204.49 for Linux, 138.0.7204.49/50 for Windows/macOS) includes critical security enhancements and performance optimizations.

Extended Stable Channel users receive build 138.0.7204.50 for Windows/macOS.

The rollout will complete globally within weeks.

Security Fixes and Researcher Rewards

This release patches 11 security vulnerabilities, including three externally reported flaws rewarded through Google’s Vulnerability Reward Program:

  • CVE-2025-6555 ($4,000): Use-after-free in Animation component allowing memory corruption (reported by Lyra Rebane)
  • CVE-2025-6556 ($1,000): Insufficient policy enforcement in Loader enabling privilege escalation (reported by Shaheen Fazim)
  • CVE-2025-6557 ($1,000): Insufficient data validation in DevTools permitting UXSS attacks (reported by Ameen Basha M K)

Bug details remain restricted until most users update, per Google’s coordinated disclosure policy.

Advanced Security Tooling

Google credited its internal security infrastructure for identifying additional threats:

  • Sanitizers: AddressSanitizer (ASan), MemorySanitizer (MSan), UndefinedBehaviorSanitizer (UBSan)
  • Fuzzing: libFuzzer and AFL (American Fuzzy Lop)
  • Runtime protections: Control Flow Integrity (CFI) architecture

These tools detected vulnerabilities during automated audits (e.g., bug 427296461) before they reached production.

Upgrade Recommendations

Users should enable automatic updates or manually trigger an update via chrome://settings/help to install version 138.0.7204.49/50.

Developers can monitor the Chromium Blog for feature deep dives.

Security researchers can report new issues via Chromium Bug Tracker or seek community support through official forums.

“Our collaboration with external researchers strengthens Chrome’s defenses against evolving threats,” stated Srinivas Sista, Chrome Engineering Lead.

The update underscores Google’s commitment to zero-day prevention through layered security tooling and transparent researcher partnerships.

AnuPriya
AnuPriya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends.
