Replace Chrome now: 20 safety fixes simply landed

Google has released an update for its Chrome browser that features 20 safety fixes, a number of of that are classed as excessive severity. Most of those flaws have been present in Chrome’s V8 engine—the a part of Chrome (and different Chromium-based browsers) that runs JavaScript.

Chrome is by far the world’s hottest browser, utilized by an estimated 3.4 billion folks. That scale means when Chrome has a safety flaw, billions of customers are probably uncovered till they replace.

These vulnerabilities are severe as a result of they have an effect on the code that runs nearly each web site you go to. Every time you load a web page, your browser executes JavaScript from all types of sources, whether or not you discover it or not. Without correct security checks, attackers can sneak in malicious directions that your browser then runs—typically with out you clicking something. That may result in stolen information, malware infections, or perhaps a full system compromise.

That’s why it’s vital to put in these patches promptly. Staying unpatched means you can be open to an assault simply by shopping the net, and attackers typically exploit these sorts of flaws earlier than most customers have an opportunity to replace. Always let your browser replace itself, and don’t delay restarting to use safety patches, as a result of updates typically repair precisely this type of danger.

How to replace

The Chrome replace brings the model quantity to 142.0.7444.59/.60 for Windows, 142.0.7444.60 for MacOS and 142.0.7444.59 for Linux. So, in case your Chrome is on the model quantity 142.0.7444.59 or later, it’s protected against these vulnerabilities.

The best solution to replace is to permit Chrome to replace mechanically, however you’ll be able to find yourself lagging behind in case you by no means shut your browser or if one thing goes flawed—resembling an extension stopping you from updating the browser.

To replace manually, click on the “More” menu (three stacked dots), then select Settings > About Chrome. If there’s an replace accessible, Chrome will notify you and begin downloading it. Then relaunch Chrome to finish the replace, and also you’ll be protected towards these vulnerabilities.

You can discover extra detailed replace directions and the way to learn the model quantity in our article on the way to replace Chrome on each working system.

Technical particulars

Among the vulnerabilities within the V8 engine there are two that stand out:

CVE-2025-12428 is a high-severity “type confusion” vulnerability within the V8 JavaScript engine. This occurs when code doesn’t confirm the article kind it’s dealing with after which makes use of it incorrectly. In different phrases, the software program errors one kind of knowledge for one more—like treating an inventory as a single worth or a quantity as textual content. This may cause Chrome to behave unpredictably and, in some circumstances, let attackers manipulate reminiscence and execute code remotely via crafted JavaScript on a malicious or compromised web site. Google paid a $50,000 bounty for its discovery, highlighting its severity.

CVE-2025-12036 includes an inappropriate implementation in V8 and is classed as important. This one permits distant code execution (RCE)—that means an attacker may run code in your pc simply by getting you to go to a specifically crafted web page. Google’s Big Sleep challenge, an AI-driven system that automates vulnerability discovery, discovered the flaw. It stems from improper dealing with within the internals of the JavaScript and WebAssembly engines and carries a excessive danger of knowledge theft, malware set up, and even full system compromise.

Users of different Chromium-based browsers—like Edge, Opera, and Brave—can anticipate comparable updates within the close to future.

We don’t simply report on threats—we take away them

Cybersecurity dangers ought to by no means unfold past a headline. Keep threats off your units by downloading Malwarebytes at present.