Google Chrome Update: Critical Security Patch and New Measures to Combat Notification Spam
Google has released Chrome version 143, addressing a high-severity security vulnerability (CVE-2026-0628) and implementing new restrictions on the Push API to significantly reduce notification spam. These changes impact an estimated 3 billion Chrome users worldwide.
Critical Security Vulnerability Patched
The recently patched vulnerability, designated CVE-2026-0628, was classified as high-severity, although Google has not publicly disclosed the specific details of the flaw to prevent exploitation. Security researchers routinely discover and report vulnerabilities in popular software like Chrome, and Google’s rapid response is crucial to protecting users from potential attacks. Users are strongly advised to update to the latest version of Chrome immediately to benefit from this security fix. You can check your current Chrome version by typing chrome://version into the address bar.
Google’s Project Zero, an elite team of security researchers, often discovers zero-day vulnerabilities – flaws unknown to the software vendor. While CVE-2026-0628 wasn’t specifically reported by Project Zero, the incident underscores the continued need for proactive security research and swift patching by software developers.
Curbing Notification Spam with Push API Rate Limits
In addition to the security patch, Chrome 143 introduces meaningful changes to the Push API, the technology enabling websites to send push notifications to users. Historically, malicious actors have abused the Push API to flood users with unwanted advertisements, phishing attempts, and other forms of spam. The new limitations are designed to deter this abuse.
How the New Rate Limits Work
The Push API rate limits work by restricting the number of push notifications a website can send to users within a given timeframe. According to Google’s official documentation, websites that exceed these limits will face progressively stricter penalties, ultimately leading to a temporary block on sending notifications for up to 14 days.
- Initial Limits: The exact thresholds for triggering penalties haven’t been precisely detailed by Google, but they are designed to allow legitimate use cases while preventing widespread spam.
- Progressive Penalties: First-time offenders will likely receive warnings and temporary reductions in their notification sending capacity.
- Maximum Penalty: Repeated or egregious violations could result in a complete 14-day ban on sending push notifications.
Impact on Legitimate Websites
While the primary goal is to reduce spam, the new rate limits may also affect legitimate websites that rely heavily on push notifications for timely updates. Website operators need to carefully monitor their notification sending practices and ensure they are providing genuine value to users. Best practices include:
- Obtain Explicit Consent: Always request clear and unambiguous consent from users before sending push notifications.
- Provide Valuable Content: Ensure that notifications deliver relevant and timely data.
- Allow Users to Opt-Out Easily: Make it simple for users to unsubscribe from push notifications.
- Monitor Usage: Track notification sending rates and user engagement to identify potential issues.
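One way an operator could track sending rates and engagement on the server side is sketched below. This is an added example, not code from Google or Chrome; the event field names, the sample events and the budget values are assumptions chosen for illustration and are not Chrome's thresholds, which the article notes have not been detailed.

```javascript
// Sender-side audit: per-subscription send volume and click engagement
// over the last 24 hours, flagged against operator-chosen budgets.
const DAY_MS = 24 * 60 * 60 * 1000;

// Assumed budgets (hypothetical values, NOT Chrome's thresholds).
const DEFAULT_POLICY = { maxSendsPerDay: 5, minEngagement: 0.1, minSendsForRatio: 5 };

function auditPushUsage(events, now, policy = DEFAULT_POLICY) {
  const stats = new Map(); // subscription id -> { sent, clicked }
  for (const e of events) {
    if (e.ts > now || now - e.ts >= DAY_MS) continue; // outside the 24h window
    let s = stats.get(e.sub);
    if (!s) stats.set(e.sub, (s = { sent: 0, clicked: 0 }));
    if (e.type === 'sent') s.sent += 1;
    else if (e.type === 'clicked') s.clicked += 1;
  }
  const findings = [];
  for (const [sub, s] of stats) {
    const reasons = [];
    if (s.sent > policy.maxSendsPerDay) reasons.push('over_daily_budget');
    const engagement = s.sent > 0 ? s.clicked / s.sent : 0;
    // Only judge the ratio once there are enough sends for it to mean something.
    if (s.sent >= policy.minSendsForRatio && engagement < policy.minEngagement) {
      reasons.push('low_engagement');
    }
    if (reasons.length) findings.push({ sub, sent: s.sent, engagement, reasons });
  }
  return findings.sort((a, b) => b.sent - a.sent); // noisiest subscriptions first
}

// Constructed sample log (hypothetical ids and timestamps).
const NOW = Date.parse('2026-01-15T12:00:00Z');
const hoursAgo = (h) => NOW - h * 60 * 60 * 1000;
const sends = (sub, n, start) =>
  Array.from({ length: n }, (_, i) => ({ sub, type: 'sent', ts: hoursAgo(start + i) }));
const SAMPLE_EVENTS = [
  ...sends('sub-a', 8, 1),   // 8 sends, no clicks: over budget, low engagement
  ...sends('sub-b', 5, 1),   // 5 sends, 2 clicks: within both budgets
  { sub: 'sub-b', type: 'clicked', ts: hoursAgo(1) },
  { sub: 'sub-b', type: 'clicked', ts: hoursAgo(2) },
  ...sends('sub-c', 9, 30),  // older than 24h: ignored
];

console.log(auditPushUsage(SAMPLE_EVENTS, NOW));
```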
Why These Changes Matter
These updates represent a critical step toward improving the user experience within the Chrome browser. By addressing a significant security risk and combating notification spam, Google is enhancing both the safety and usability of its widely used browser. The proactive approach to security and user experience demonstrates Google’s commitment to maintaining a secure and reliable online environment.
Further Security Considerations
Beyond keeping Chrome updated, users should also practice safe browsing habits, including:
- Using strong, unique passwords for online accounts.
- Enabling two-factor authentication whenever possible.
- Being cautious of suspicious links and attachments.
- Regularly scanning devices for malware.
Key Takeaways
- Chrome version 143 patches a high-severity security vulnerability (CVE-2026-0628).
- New Push API rate limits are in place to combat notification spam, with penalties up to 14 days.
- Website owners need to ensure they comply with the new rate limits and respect user preferences.
- Users should update to the latest Chrome version and practice safe browsing habits.