Google has issued a critical update for its Chrome browser to patch a zero-day vulnerability that is actively being exploited. The update, which includes version 142.0.7444.175 for Windows and Linux and 142.0.7444.176 for Mac, corrects two severe type confusion bugs within the V8 JavaScript engine. The high-risk CVE-2025-13223 was reported on November 12, 2025, by Clément Lecigne from Google’s Threat Analysis Group, with active exploits already noted, allowing attackers to execute arbitrary code remotely.
Type confusion vulnerabilities, such as these, typically arise from improper data type interpretation by the engine, leading to potential memory corruption. This type of flaw can enable attackers to bypass sandbox protections, access sensitive information, or install malicious software on users’ systems. Another fix, CVE-2025-13224, was detected earlier on October 9, 2025, showcasing Google’s commitment to preemptive cybersecurity measures through its advanced fuzzing techniques. With over 65% of global browser traffic utilizing Chrome, timely security patches are crucial to maintaining user safety.
👉 Pročitaj original: Cyber Security News
