the Chromium logo

The Chromium Projects

Chrome OS Security Advisories

The following is a list of security advisory pages published on

Note that we do not routinely publish information for all fixed vulnerabilities on a dedicated page, just for vulnerabilities where users/customers will benefit from a more in-depth description of the issue and/or where mitigative action by the user is necessary. Thus, the majority of security bug fixes will not be listed here but handled as security bugs in the tracker and the fixes will be rolled out transparently to devices with the Chrome OS auto-update mechanism.

List of advisories in reverse chronological order:

[U2F ECDSA vulnerability](/chromium-os/u2f-ecdsa-vulnerability)

[Microarchitectural Data Sampling on Chrome

[Privilege escalation via unchecked TPM

[Lazy FP Restore Vulnerability Status for Chrome

[Meltdown/Spectre vulnerability status for Chrome OS

[Trusted Platform Module firmware