Overview
- Google released Chrome 142.0.7444.175/.176 for Windows, 142.0.7444.176 for macOS, and 142.0.7444.175 for Linux, and users must relaunch the browser to apply the update.
- The exploited vulnerability, tracked as CVE-2025-13223, is a high-severity V8 type confusion bug that enables heap corruption via a crafted HTML page and could lead to code execution.
- A second V8 type confusion issue, CVE-2025-13224, was also patched after being flagged by Google’s Big Sleep AI system.
- Google says this is the seventh Chrome zero-day fixed in 2025, reinforcing the urgency of rapid updating for billions of users.
- Vendors of other Chromium-based browsers are rolling out corresponding fixes, and Vivaldi maintainers say their patch is already available.