Google has swiftly addressed a critical zero-day vulnerability in its Chrome web browser, affecting billions of users worldwide. The update, released in response to a flaw discovered by Google's Threat Analysis Group, aims to protect users from potential cyberattacks.
The vulnerability, identified as CVE-2025-5419, resides within Chrome's V8 engine. This flaw allows for unauthorized access to device memory, posing a significant risk to sensitive data. The severity of the issue has been classified as high.
Google's rapid response included a silent server-side configuration change, deployed across all Chrome platforms. This proactive measure, implemented before a formal patch release, demonstrates Google's commitment to user security. The update, Chrome version 137.0.7151.68 for Windows and Linux, and 137.0.7151.69 for Mac systems, is now available.
US cybersecurity authorities, including CISA, are urging users to update their Chrome browsers promptly. Federal agencies have been instructed to apply the update within a 21-day timeframe. This swift action underscores the importance of staying current with security updates to mitigate potential threats.