Google has released another emergency update for its Chrome browser, marking the second such update in just one week, as the company works to patch a serious security flaw threatening billions of users worldwide. The update addresses a high-severity vulnerability identified as CVE-2025-12036, located in Chrome’s V8 JavaScript engine. This issue allows remote attackers to execute arbitrary code on a user’s device through a compromised or malicious website, leaving users vulnerable without requiring any additional action on their part. The fix is being rolled out across Windows, Mac, Linux, and Android platforms, with users urged to apply the update immediately.
According to details shared by the Chrome security team, the vulnerability was discovered by Google’s AI-powered Big Sleep security tool. While the company has not yet disclosed the full technical details of the exploit to prevent further misuse, it confirmed that the issue could enable attackers to take full control of an affected system through crafted web pages. The flaw impacts Chrome’s V8 JavaScript engine, which handles code execution within the browser. This type of vulnerability can allow threat actors to bypass normal security restrictions, execute malicious scripts, and potentially access user data or install harmful software. The update rollout has already begun and will continue in stages over the coming days to ensure all users receive the patch.
Srinivas Sista from the Chrome development team emphasized the importance of staying updated and confirmed that users should verify they are running version 141.0.7390.122 or 141.0.7390.123 on Windows and Mac, version 141.0.7390.122 on Linux, and the same version on Android. Chrome typically installs updates automatically, but users can also check manually by navigating to the settings menu and selecting “About Google Chrome.” This action triggers an immediate check for the latest updates. Once the update is downloaded, users must relaunch their browser for the security patch to take effect. Without a restart, the vulnerability remains active and exploitable.
Security researchers have noted that active exploitation of this vulnerability has already been observed, which adds urgency to the situation. This rapid series of updates underscores Google’s proactive stance in addressing critical security flaws before they can be widely abused. Experts also recommend users enable Chrome’s automatic update feature and avoid visiting unfamiliar websites or clicking on suspicious links until their browser is confirmed to be up to date. Google continues to strengthen Chrome’s protection layers, using machine learning tools and enhanced scanning capabilities to detect and mitigate emerging threats in real time. The company is expected to release more details about the vulnerability once the majority of users have received the update, ensuring that attackers cannot exploit systems that remain unpatched.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
