- Google released security updates for Chrome addressing three vulnerabilities, one actively exploited.
- The main flaw resides in the open-source ANGLE graphics library as a buffer overflow issue.
- Eight zero-day vulnerabilities have been patched in Chrome since early 2025.
- Users and Chromium-based browser operators should promptly install the updates.
Google issued security patches on December 11, 2025, for its Chrome browser to fix three vulnerabilities, including one currently exploited in the wild. The actively exploited flaw is tracked as Chromium issue ID “466192044.” Google has withheld specific details about the CVE number, affected components, and the nature of the vulnerability.
A GitHub commit linked to the bug report identifies the flaw within the Almost Native Graphics Layer Engine (ANGLE), a library used in Chrome. The problem involves improper buffer sizing in ANGLE’s Metal renderer, likely causing a buffer overflow vulnerability that may lead to memory corruption, crashes, or execution of arbitrary code. The commit message specifies, “Metal: Don’t use pixelsDepthPitch to size buffers. pixelsDepthPitch is based on GL_UNPACK_IMAGE_HEIGHT, which can be smaller than the image height.”
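The sizing mismatch named in the commit message comes down to arithmetic on the unpack parameters. The following C example is added here for illustration and is not ANGLE's code or the actual patch; the function names, the sample dimensions, and the choice to size from the real image height are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of GL pixel-unpack sizing; all names are hypothetical. */

/* Overflow-checked multiply: returns 0 on overflow, 1 on success. */
static int mul_ok(size_t a, size_t b, size_t *out) {
    if (a != 0 && b > SIZE_MAX / a) return 0;
    *out = a * b;
    return 1;
}

/* Stride between source slices: a non-zero GL_UNPACK_IMAGE_HEIGHT replaces
 * the image height here, and it may be smaller than the image height. */
int depth_pitch(size_t row_pitch, size_t height, size_t unpack_h, size_t *out) {
    return mul_ok(row_pitch, unpack_h ? unpack_h : height, out);
}

/* Pattern the commit message warns against: size = depth pitch * slices. */
int size_from_depth_pitch(size_t row_pitch, size_t height, size_t depth,
                          size_t unpack_h, size_t *out) {
    size_t dp;
    return depth_pitch(row_pitch, height, unpack_h, &dp) && mul_ok(dp, depth, out);
}

/* Size from the real dimensions: every slice holds `height` rows. */
int size_from_dimensions(size_t row_pitch, size_t height, size_t depth,
                         size_t *out) {
    size_t slice;
    return mul_ok(row_pitch, height, &slice) && mul_ok(slice, depth, out);
}

/* Bytes by which a depth-pitch-sized buffer falls short; 0 if it fits. */
size_t shortfall(size_t row_pitch, size_t height, size_t depth, size_t unpack_h) {
    size_t have, need;
    if (!size_from_depth_pitch(row_pitch, height, depth, unpack_h, &have) ||
        !size_from_dimensions(row_pitch, height, depth, &need))
        return SIZE_MAX; /* arithmetic overflow: report the maximum shortfall */
    return need > have ? need - have : 0;
}

int main(void) {
    /* Constructed sample: 64x64 RGBA8 (row pitch 256), 4 slices, unpack height 16. */
    printf("shortfall: %zu bytes\n", shortfall(64 * 4, 64, 4, 16));
    return 0;
}
```

With the unpack image height left at 0 or set above the image height, the two sizes agree or the depth-pitch size is larger, so the shortfall only appears when the parameter is smaller than the image height.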
Google acknowledged the existence of exploits targeting this issue and noted that further information is being coordinated. The company did not disclose threat actor identities or affected targets to protect users and prevent exploitation before widespread patch application, as outlined on the official Chrome Releases blog.
Alongside the high-severity ANGLE vulnerability, two medium-severity security issues were addressed: CVE-2025-14372, a use-after-free flaw in the Password Manager, and CVE-2025-14373, an inappropriate implementation in the Toolbar.
Since early 2025, Google has patched a total of eight zero-day vulnerabilities in Chrome, including CVEs such as CVE-2025-2783, CVE-2025-4664, and CVE-2025-13223. Users are advised to update their Chrome versions to 143.0.7499.109 or higher on Windows, macOS, and Linux to mitigate risks. To verify installation, users can navigate to More > Help > About Google Chrome and relaunch the browser.
Users of other Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should also apply corresponding updates as they become available to maintain security.
