Patch Your Browser! Google Addresses Newly ‘Exploited’ Flaw in Chrome’s JavaScript Engine

Filip TRUȚĂ

June 04, 2025

Google is rolling out security updates to Chrome users worldwide, signaling that attackers may be exploiting a weakness in the popular web browser.

Chrome users get some of the timeliest security patches in the software industry. Even so, bad actors still periodically find new flaws to exploit in an endless cat-and-mouse game.

This week, the web giant is addressing a vulnerability in Chrome’s JavaScript engine, noting that criminals have already developed a working exploit for the bug.

An out-of-bounds issue in V8

Tracked as CVE-2025-5419, the flaw is described as an “out of bounds read and write” issue in Chrome’s V8 JavaScript and WebAssembly engine.

An out-of-bounds write happens when a program tries to write data to a memory location outside the intended buffer. The issue can be exploited to affect memory management, letting an attacker overwrite adjacent memory locations, modify critical program data, cause unexpected program behavior, and execute code of their choosing, including malware.

Google credits Clement Lecigne and Benoît Sevens of the Google Threat Analysis Group for reporting the bug on May 27.

The vulnerability carries a “high” risk rating.

“Google is aware that an exploit for CVE-2025-5419 exists in the wild,” says the tech titan.

As usual, the advisory lacks most of the technicalities involved in exploiting the weakness to malicious ends, keeping opportunistic hackers at bay while at the same time signaling that the issue is serious and users should patch sooner, rather than later.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” says the search giant. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Fourth important security flaw patched this year

Google this year has patched several important security weaknesses in the popular web browser, including:

·      A flaw that could be exploited to perform account takeovers

·      A ‘GPU’ issue exploited in the macOS version of Chrome

·      A vulnerability said to have been exploited in an espionage campaign

Read: Google Patches Chrome Flaw that Can be Exploited to Take Over Accounts

Read: Google Patches ‘GPU’ Security Flaw Exploited on Chrome for Mac

Read: Google Releases Urgent Chrome Update to Thwart Espionage Exploit

Update your browser!

As of today, Chrome users want to be on:

·      Chrome 137.0.7151.68/.69 for Windows and Mac

·      Chrome 137.0.7151.68 for Linux

·      Chrome 137.0.7151.79 on iOS

·      Chrome 137.0.7151.72 on Android

Even if you don’t consider yourself a target for hackers, Bitdefender recommends you deploy the latest updates for all your personal devices the moment they're available, especially when the vendor rates the risk level as high, and even more so if the addressed issues are said to be exploited in the wild.

The desktop version of Chrome is programmed to check for the latest version on every relaunch. Start the process manually if you haven’t closed Chrome in a while. Visit the three-dotted options menu, choose Settings -> About Chrome, and let the browser fetch the latest version from Google’s servers. When prompted, relaunch Chrome.

Android releases contain the same security fixes as the desktop version of Chrome, unless otherwise noted by Google.

To patch Chrome on your Android device, visit the official Google Play Store and download the latest version.

Chrome users on iOS/iPadOS are unaffected by the issue described above. However, Google does offer a “stability and performance” update for Apple users to deploy. Visit the official Apple App Store to grab the latest version of Chrome for iOS/iPadOS.
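For anyone tracking more than one device, the version list above can be turned into a quick inventory check. The following is an added example, not code from Google or Bitdefender: the host names and inventory rows are constructed, the status labels are hypothetical, and the fixed builds are the lowest ones listed in this article for each platform.

```python
import re

# Fixed builds as listed in the article (lowest listed build per platform).
FIXED_BUILDS = {
    "windows": (137, 0, 7151, 68),
    "mac": (137, 0, 7151, 68),
    "linux": (137, 0, 7151, 68),
    "android": (137, 0, 7151, 72),
}
# The article states Chrome on iOS/iPadOS is unaffected by CVE-2025-5419.
UNAFFECTED = {"ios", "ipados"}

_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Pull a four-part Chrome version out of free text; None if absent."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def assess(platform, version_text):
    """Classify one install as patched, needs-update, unaffected or unknown."""
    platform = platform.strip().lower()
    if platform in UNAFFECTED:
        return "unaffected"
    fixed = FIXED_BUILDS.get(platform)
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "unknown"  # never assume a host is patched without evidence
    # Compare integer tuples: as strings, "137.0.7151.9" sorts above "137.0.7151.68".
    return "patched" if version >= fixed else "needs-update"


def report(inventory):
    """Map (host, platform, version text) rows to (host, status) pairs."""
    return [(host, assess(platform, text)) for host, platform, text in inventory]


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = [
    ("wks-01", "windows", "Google Chrome 137.0.7151.69"),
    ("wks-02", "linux", "Google Chrome 137.0.7151.9"),
    ("mob-01", "android", "137.0.7151.68"),
    ("mob-02", "ios", "137.0.7151.79"),
    ("wks-03", "mac", "version unavailable"),
]

if __name__ == "__main__":
    for host, status in report(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

Hosts reported as unknown are worth checking by hand through Settings -> About Chrome, since a missing version string says nothing about patch state.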

For peace of mind, consider running a security solution on all your devices.

Author


Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
