Cybersecurity experts have advised 750 million users of Google Chrome and Gemini to update their Chrome.
In January, Google released Chrome patches without much explanation of the news discovered vulnerabilities, asking users to update quickly. The company was reportedly tipped off by Unit 42 researchers, who found a high-severity vulnerability (CVE-2026-0628) tied to Chrome AI’s assistant Gemini. They said that they
disclosed this vulnerability to Google on 23 October, 2025. and Google was able to reproduce the conditions to exploit the vulnerability, and issued a fix in early January. .
In a detailed report, the researchers have warmed that a now-patched Chrome vulnerability could’ve allowed attackers to gain access of users’ cameras and microphones, taking screenshots of websites, and accessing local files and directories.
If you are unsure whether your Chrome is up to date, check it now. You can do it by:
Opening three dots at the right corner of the Chrome browser.
Going to “Settings”
Pick “About Chrome” at the bottom.
There you will find information about your current browser version, and you will be prompted to relaunch if needed.
Gemini in Chrome refers to a new class of web browsers which integrate AI assistance. The AI side panel functions to provide real-time content summary, automated execution of tasks, and dynamic assistance for contextual understanding of the active webpage.
“By granting the AI direct, privileged access to the browsing environment, AI browsers are capable of performing complex, multi-step operations that were previously impossible or required several extensions and manual steps,” the researchers said, warning that expanded capability and privileged access introduce a new and widened attack surface. This creates security implications that are not present in traditional browsers.
While AI browsers or AI features implemented into existing browsers can improve the user experience, it’s important to continue monitoring for potential security flaws, they add.
