Chrome 142 Update Patches Exploited Zero-Day

Chrome 142 Update Patches Exploited Zero-Day

Posted on By CWS

Google on Monday rolled out an emergency Chrome 142 replace to deal with a vulnerability exploited within the wild as a zero-day.

Tracked as CVE-2025-13223 (CVSS rating of 8.8), the exploited high-severity flaw is described as a kind confusion difficulty within the V8 JavaScript and WebAssembly engine.

Reminiscence security bugs that might set off surprising software program conduct, sort confusion vulnerabilities may result in crashes, distant code execution, and different sorts of malicious operations.

Sort confusion defects within the V8 engine can usually be exploited through crafted HTML pages for distant learn/write operations.

“Google is conscious that an exploit for CVE-2025-13223 exists within the wild,” the web large notes in its advisory, with out offering particulars on the bug or its exploitation.

Nevertheless, the corporate says the vulnerability was reported by Clément Lecigne of Google’s Risk Evaluation Group (TAG) on November 12. This means {that a} business adware vendor might need focused the bug in assaults.

TAG researchers have found quite a few safety defects exploited by business adware, together with vulnerabilities in Chrome.

CVE-2025-13223 is the seventh zero-day vulnerability resolved in Chrome this 12 months. The sixth was mounted in September.Commercial. Scroll to proceed studying.

The browser replace additionally resolves CVE-2025-13224, one other sort confusion difficulty in V8, reported by the Massive Sleep AI agent.

Google makes no point out of this safety defect being exploited within the wild, however the web large did reward Massive Sleep earlier than for locating bugs that menace actors knew about and have been on the point of exploit within the wild.

The newest Chrome iteration is now rolling out as model 142.0.7444.175 for Linux, model 142.0.7444.176 for macOS, and variations 142.0.7444.175/.176 for Home windows.

Associated: Firefox 145 and Chrome 142 Patch Excessive-Severity Flaws in Newest Releases

Associated: Chrome 142 Replace Patches Excessive-Severity Flaws

Associated: Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Associated: Widespread Exploitation of XWiki Vulnerability Noticed

Security Week News Tags:, , , ,

Related Posts

FBI Aware of 900 Organizations Hit by Play Ransomware FBI Aware of 900 Organizations Hit by Play Ransomware Security Week News
Cybersecurity M&A Roundup: 40 Deals Announced in September 2025 Cybersecurity M&A Roundup: 40 Deals Announced in September 2025 Security Week News
SIM Swap Attacks Highlight Security Vulnerabilities SIM Swap Attacks Highlight Security Vulnerabilities Security Week News
Spanish Energy Company Endesa Hacked Spanish Energy Company Endesa Hacked Security Week News
Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack Security Week News
US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than Billion in Bitcoin US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than $14 Billion in Bitcoin Security Week News