Chrome 142 Update Patches Exploited Zero-Day

Chrome 142 Update Patches Exploited Zero-Day

Posted on By CWS

Google on Monday rolled out an emergency Chrome 142 replace to deal with a vulnerability exploited within the wild as a zero-day.

Tracked as CVE-2025-13223 (CVSS rating of 8.8), the exploited high-severity flaw is described as a kind confusion difficulty within the V8 JavaScript and WebAssembly engine.

Reminiscence security bugs that might set off surprising software program conduct, sort confusion vulnerabilities may result in crashes, distant code execution, and different sorts of malicious operations.

Sort confusion defects within the V8 engine can usually be exploited through crafted HTML pages for distant learn/write operations.

“Google is conscious that an exploit for CVE-2025-13223 exists within the wild,” the web large notes in its advisory, with out offering particulars on the bug or its exploitation.

Nevertheless, the corporate says the vulnerability was reported by Clément Lecigne of Google’s Risk Evaluation Group (TAG) on November 12. This means {that a} business adware vendor might need focused the bug in assaults.

TAG researchers have found quite a few safety defects exploited by business adware, together with vulnerabilities in Chrome.

CVE-2025-13223 is the seventh zero-day vulnerability resolved in Chrome this 12 months. The sixth was mounted in September.Commercial. Scroll to proceed studying.

The browser replace additionally resolves CVE-2025-13224, one other sort confusion difficulty in V8, reported by the Massive Sleep AI agent.

Google makes no point out of this safety defect being exploited within the wild, however the web large did reward Massive Sleep earlier than for locating bugs that menace actors knew about and have been on the point of exploit within the wild.

The newest Chrome iteration is now rolling out as model 142.0.7444.175 for Linux, model 142.0.7444.176 for macOS, and variations 142.0.7444.175/.176 for Home windows.

Associated: Firefox 145 and Chrome 142 Patch Excessive-Severity Flaws in Newest Releases

Associated: Chrome 142 Replace Patches Excessive-Severity Flaws

Associated: Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Associated: Widespread Exploitation of XWiki Vulnerability Noticed

Security Week News Tags:, , , ,

Related Posts

Analysis of 6 Billion Passwords Shows Stagnant User Behavior Analysis of 6 Billion Passwords Shows Stagnant User Behavior Security Week News
US Sentences Two for North Korean IT Scheme Involvement US Sentences Two for North Korean IT Scheme Involvement Security Week News
High-Severity Flaws Patched in Chrome, Firefox High-Severity Flaws Patched in Chrome, Firefox Security Week News
Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms Security Week News
Critical Chrome Vulnerability Earns Researcher ,000 Critical Chrome Vulnerability Earns Researcher $43,000 Security Week News
Prosper Data Breach Impacts 17.6 Million Accounts Prosper Data Breach Impacts 17.6 Million Accounts Security Week News