This emergency patch is part of the latest Stable channel update, bringing the version to 143.0.7499.109/.110 for Windows and Mac, and 143.0.7499.109 for Linux users.
The tech giant confirmed in its advisory that it “is aware that an exploit for 466192044 exists in the wild,” signaling that threat actors are actively leveraging this flaw to compromise unpatched systems.
Consequently, the update will roll out over the coming days, but administrators and users are urged to update immediately to mitigate the risk of targeted attacks.
The critical vulnerability, tracked internally as Issue 466192044, has been rated High severity. Unlike typical disclosures, Google has kept specific technical details about the bug, such as the affected component or the attack vector, under strict restrictions. The advisory currently lists the issue status as “Under coordination.”
This restricted disclosure policy is standard practice for zero-day events. By withholding specific information until a majority of the user base has applied the fix, Google aims to prevent other malicious actors from reverse-engineering the patch and developing their own exploits.
The company stated that access to bug details would remain restricted if the bug exists in a third-party library that other projects depend on but haven’t yet fixed.
In addition to the zero-day patch, this update resolves two other security flaws, both rated as Medium severity. These issues were identified by external security researchers who worked with Google during the development cycle.
The first, assigned CVE-2025-14372, is a “Use-after-free” vulnerability located in the Chrome Password Manager. This type of flaw can often lead to memory corruption or arbitrary code execution.
The second issue, CVE-2025-14373, involves an “Inappropriate implementation” within the Chrome Toolbar. Both researchers received a $2,000 bounty for their reports.
Vulnerability Details Table
| Issue ID / CVE | Severity | Component | Description |
|---|---|---|---|
| 466192044 | High | Undisclosed | Zero-Day: Under coordination (Exploit detected in the wild) |
| CVE-2025-14372 | Medium | Password Manager | Use after free vulnerability |
| CVE-2025-14373 | Medium | Toolbar | Inappropriate implementation |
To apply the update manually, users should navigate to the Chrome menu, select Help, and click on About Google Chrome. The browser will check for available updates and require a relaunch to complete installation.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Google Warns of Chrome 0-Day Vulnerability Actively Exploited in the wild appeared first on Cyber Security News.
Artificial intelligence has become the default answer to online identity verification. Machine learning models analyse…
Introduction Personal finance management has traditionally required manual work such as downloading bank statements, categorizing expenses, building…
By 2030, more than 8,370 data centers will be in operation worldwide. To put that in perspective, in…
New Hampshire’s Secretary of State says he will not make any changes to our election…
LEGO has officially revealed three new Toy Story sets releasing in May, just ahead of…
Official figures put Crimson Desert at 4 million sales in just under two weeks, but…
This website uses cookies.