Google releases Chrome 132, fixes 16 flaws including possible Remote Code Execution
Take action: Time for the first 2025 update of your Chrome and Chromium based browsers (Opera, Edge, Brave). Not a panic mode update, but it's wise to patch your browsers.
Learn More
Google has released Chrome version 132.0.6834.83/84 for Windows, Mac, and Linux, addressing multiple security vulnerabilities. This stable channel update contains 16 security fixes, with several high-severity vulnerabilities that require immediate attention.
High-Severity Vulnerabilities:
- CVE-2025-0434 (CVSS score 8.8): Out of bounds memory access in V8, reported by ddme. This vulnerability could enable remote code execution or browser crashes.
- CVE-2025-0435 (CVSS score 6.5): Inappropriate implementation in Navigation. This issue could lead to potential data exposure and unexpected behavior.
- CVE-2025-0436 (CVSS score 8.8): Integer overflow in Skia.
- CVE-2025-0437 (CVSS score 8.8): Out of bounds read in Metrics.
- CVE-2025-0438 (CVSS score 8.8): Stack buffer overflow in Tracing.
The update also addressed several medium and low-severity vulnerabilities in various components including Frames, Fullscreen, Fenced Frames, Payments, Extensions, Navigation, and Compositing.
While Google has not disclosed active exploitation of these vulnerabilities in the wild, users are strongly advised to update their Chrome installations immediately. The update will roll out gradually over the coming days and weeks.
