Google on Tuesday announced the release of Chrome 132 to the stable channel with 16 security fixes, including 13 that resolve vulnerabilities reported by external researchers.
Of the externally reported flaws, five are high-severity bugs affecting browser components such as the V8 JavaScript engine, Navigation, the open source 2D graphics library Skia, Metrics, and Tracing.
Two of these issues – an out-of-bounds memory access in V8 tracked as CVE-2025-0434 and an inappropriate implementation in Navigation tracked as CVE-2025-0435 – earned the reporting researchers $7,000 bug bounty rewards each.
Google paid $3,000 and $2,000 for an integer overflow in Skia and an out-of-bounds read in Metrics, respectively, and has yet to disclose the amount to be handed out for a stack buffer overflow in Tracing.
Chrome 132 also resolves five medium-severity security defects reported by external researchers, including a race condition in Frames and an inappropriate implementation in Fullscreen, each earning the reporting researchers $5,000 bug bounty rewards.
The remaining medium bugs include two inappropriate implementation issues in Fenced Frames and Payments, and an insufficient data validation flaw in Extensions, for which Google handed out $2,000, $2,000, and $1,000 rewards, respectively.
The browser update also resolves three low-severity inappropriate implementations in Extensions, Navigation, and Compositing. Google says it paid $1,000 in bug bounty rewards for each of these flaws.
Overall, Google handed out $37,000 in bug bounty rewards to the reporting researchers, but the total amount could be higher once the amounts are determined for all the resolved issues.
The latest Chrome iteration is now rolling out as versions 132.0.6834.83/84 for Windows and macOS, and as version 132.0.6834.83 for Linux.
Google also announced that Chrome’s extended stable channel for Windows and macOS has been updated to versions 132.0.6834.83/84 and that Chrome for Android version 132.0.6834.79 has been released with the same security fixes as the desktop iteration.
The internet giant makes no mention of any of these vulnerabilities being exploited in the wild, but users are advised to update their browsers as soon as possible.
Related: Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Related: Cybersecurity Marketing Predictions for 2025 Business Growth
Related: Google to Automatically Enable Two-Step Verification for Some Accounts
