- Google has released a security update for Chrome to fix two serious vulnerabilities, one actively exploited in the wild.
- The main flaw, CVE-2025-13223, is a type confusion bug in the V8 JavaScript and WebAssembly engine that risks code execution or crashes.
- This patch addresses seven zero-day vulnerabilities reported or exploited since early 2025, including multiple V8 type confusion bugs.
- Users should update to Chrome version 142.0.7444.175 or later on Windows and Linux, and 142.0.7444.176 for macOS, to ensure protection.
- Other Chromium-based browsers are advised to apply updates when available to mitigate similar risks.
Google issued security updates on November 17, 2025, for its Chrome browser to fix two critical vulnerabilities. One of these, identified as CVE-2025-13223, is a type confusion flaw in the V8 JavaScript and WebAssembly engine. This issue allows remote attackers to exploit heap corruption through a crafted HTML page, potentially leading to arbitrary code execution or program crashes, according to its NIST National Vulnerability Database (NVD) entry. The vulnerability has been actively exploited in real-world attacks.
The flaw was discovered and reported by Clément Lecigne of Google‘s Threat Analysis Group (TAG) on November 12, 2025. Google has not disclosed details about the attackers, targets, or scope of exploitation but confirmed that an “exploit for CVE-2025-13223 exists in the wild.”
Alongside this, Google patched a related type confusion vulnerability, CVE-2025-13224, identified by its AI system Big Sleep, which also affects the V8 engine. These fixes are part of a broader security update that addresses a total of seven zero-day vulnerabilities in Chrome reported or exploited since early 2025. The seven include previous type confusion bugs such as CVE-2025-6554 and CVE-2025-10585.
The company urges users to update Chrome to versions 142.0.7444.175 or 142.0.7444.176, depending on the operating system, to receive these security improvements. Users can check their version and apply updates by navigating to More > Help > About Google Chrome and selecting Relaunch. Browsers built on the Chromium engine, including Microsoft Edge, Brave, Opera, and Vivaldi, should also install respective updates when released to address similar risks.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Tesla Shares Gain on Analyst Optimism and Court Win, Crash Woes Linger
- Bitcoin Tumbles to $90K Amid Market and Credit Risk Concerns
- VanEck Launches US’s 3rd Solana Staking ETF Amid Growing Crypto Fund Wave
- Bitcoin Slides Below $93K, Market Sentiment Shifts Rapidly
- Tesla Stock Climbs After Stifel Raises Price Target to $508
