Google releases Chrome emergency update; patches four vulnerabilities, one actively exploited
Take action: Once again - an urgent patch for Chrome - Google is patching an actively exploited flaw in Chrome, and exploitation is just a visit to a malicious site. DONT WAIT! Update all your Chrome and Chromium browsers (Edge, Opera, Brave, Vivaldi...). Updating the browser is easy, all your tabs reopen after the patch.
Learn More
Google has released an emergency update for Google Chrome, patching four high-severity vulnerabilities including one actively exploited zero-day vulnerability that allows attackers to execute malicious code simply by tricking users into visiting compromised websites.
Vulnerabilities summary
- CVE-2025-10585: Type Confusion in V8 JavaScript engine (actively exploited in the wild)
- CVE-2025-10500: Use after free in Dawn graphics abstraction layer
- CVE-2025-10501: Use after free in WebRTC component
- CVE-2025-10502: Heap buffer overflow in ANGLE graphics engine translation layer
All four vulnerabilities are rated as high-severity and can potentially lead to memory corruption and arbitrary code execution.
The update was released on September 17, 2025, as versions 140.0.7339.185/.186 for Windows and Mac, and 140.0.7339.185 for Linux, with a gradual rollout over the coming days and weeks
Users are strongly urged to update their browsers immediately. Users can manually check for updates by navigating to Chrome's settings menu and selecting "About Google Chrome" to trigger an automatic update check, followed by restarting the browser. Users of other Chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to apply the fixes as and when they become available.
