Chrome 142 Update Patches Exploited Zero-Day

Chrome 142 Update Patches Exploited Zero-Day

Posted on By CWS

Google on Monday rolled out an emergency Chrome 142 replace to deal with a vulnerability exploited within the wild as a zero-day.

Tracked as CVE-2025-13223 (CVSS rating of 8.8), the exploited high-severity flaw is described as a kind confusion difficulty within the V8 JavaScript and WebAssembly engine.

Reminiscence security bugs that might set off surprising software program conduct, sort confusion vulnerabilities may result in crashes, distant code execution, and different sorts of malicious operations.

Sort confusion defects within the V8 engine can usually be exploited through crafted HTML pages for distant learn/write operations.

“Google is conscious that an exploit for CVE-2025-13223 exists within the wild,” the web large notes in its advisory, with out offering particulars on the bug or its exploitation.

Nevertheless, the corporate says the vulnerability was reported by Clément Lecigne of Google’s Risk Evaluation Group (TAG) on November 12. This means {that a} business adware vendor might need focused the bug in assaults.

TAG researchers have found quite a few safety defects exploited by business adware, together with vulnerabilities in Chrome.

CVE-2025-13223 is the seventh zero-day vulnerability resolved in Chrome this 12 months. The sixth was mounted in September.Commercial. Scroll to proceed studying.

The browser replace additionally resolves CVE-2025-13224, one other sort confusion difficulty in V8, reported by the Massive Sleep AI agent.

Google makes no point out of this safety defect being exploited within the wild, however the web large did reward Massive Sleep earlier than for locating bugs that menace actors knew about and have been on the point of exploit within the wild.

The newest Chrome iteration is now rolling out as model 142.0.7444.175 for Linux, model 142.0.7444.176 for macOS, and variations 142.0.7444.175/.176 for Home windows.

Associated: Firefox 145 and Chrome 142 Patch Excessive-Severity Flaws in Newest Releases

Associated: Chrome 142 Replace Patches Excessive-Severity Flaws

Associated: Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Associated: Widespread Exploitation of XWiki Vulnerability Noticed

Security Week News Tags:, , , ,

Related Posts

Aura Reveals Data Breach Affecting 900,000 Users Aura Reveals Data Breach Affecting 900,000 Users Security Week News
Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ Security Week News
Raven Secures M to Enhance Cloud Security Solutions Raven Secures $20M to Enhance Cloud Security Solutions Security Week News
Russian APT Hits Ukrainian Government With New Malware via Signal Russian APT Hits Ukrainian Government With New Malware via Signal Security Week News
Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities Security Week News
Iran’s Cyber Offensive Intensifies Post Epic Fury Strikes Iran’s Cyber Offensive Intensifies Post Epic Fury Strikes Security Week News