What’s new: Google has released security updates for Chrome to address four vulnerabilities, including a zero-day vulnerability identified as CVE-2025-10585. This type confusion issue in the V8 JavaScript and WebAssembly engine is actively exploited in the wild, allowing attackers to execute arbitrary code. This is the sixth zero-day vulnerability in Chrome reported this year.
Who’s affected
All users of Google Chrome, particularly those on versions prior to 140.0.7339.185/.186 for Windows and macOS, and 140.0.7339.185 for Linux, are at risk. Users of other Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi may also be affected once similar vulnerabilities are identified.
What to do
- Update Chrome to version 140.0.7339.185/.186 for Windows and macOS, and 140.0.7339.185 for Linux. Navigate to More > Help > About Google Chrome and select Relaunch to ensure the latest updates are installed.
