Chrome Users Alert: Urgent Update Rolled Out by Google for over 3 Billion Browsers
Chrome's Sudden Emergency Update: Beware of Active Vulnerabilities
Google has taken immediate action in response to two critical vulnerabilities discovered by its Threat Analysis Group. These issues, which include CVE-2025-5419 and CVE-2025-5068, have been used in active attacks, causing Google to swiftly roll out an emergency update.
Google says, "Yeah, we found trouble!"
Google admits that an exploit for CVE-2025-5419 exists in the wild. To protect its users, Google plans to keep detailed information about the vulnerability restricted until a significant majority updates their browsers with the fix. If the bug persists in third-party libraries yet to be rectified, Google will continue the restrictions[1].
CVE-2025-5419: A Dangerous Memory Flaw in V8
This vulnerability allows malicious actors to execute arbitrary code on victim systems via out-of-bounds read and write operations in Chrome’s V8 JavaScript engine. The flaw is particularly concerning as it is being actively exploited[1][3][5]. Prior versions of Chrome are affected, specifically Windows, Mac, and Linux versions below 137.0.7151.68 or 137.0.7151.69[1][5].
CVE-2025-5068: A Medium-Severity Use-After-Free Issue in Blink
Though less severe, CVE-2025-5068 involves a use-after-free issue in Chrome’s Blink engine. Reported by researcher “Walkman” on April 7, 2025, the vulnerability is potentially dangerous but has not yet been reported as exploited in the wild[2]. Both Windows, Mac, and Linux versions prior to 137.0.7151.68 or later are affected[2].
Apply the Fixes, Stat!
It's essential for all Chrome users to immediately update their browsers to at least version 137.0.7151.68, or 137.0.7151.69 for Windows and Mac users, to mitigate these vulnerabilities[1][2][5]. In the wake of this emergency update, expect CISA to issue a 21-day update mandate soon. Microsoft has also recently announced changes to its password policy, with deletions scheduled for as early as 8 weeks from now[4].
[1] https://www.blog.google/technology/security/update-on-chrome-security-incident/[2] https://www.bleepingcomputer.com/news/security/google-chromes-update-patches-high-severity-use-after-free-cve-2025-5068-vulnerability/[3] https://www.zdnet.com/article/zero-day-chrome-vulnerability-actively-exploited-patches-coming/[4] https://www.forbes.com/sites/thomsaffren/2025/05/26/microsoft-confirms-password-deletion-now-just-8-weeks-away/[5] https://developer.chrome.com/Home
ForbesFBI and Police Warning: Watch Your Smartphone Calls
Beyond the Chrome update, be cautious about smartphone scams. Be alert for suspicious calls, spoofed numbers, and voicemails that seem to be from government or financial institutions. The FBI and police advise against engaging with such calls and refer to their guidelines for safely handling them[6].
[6] https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/spoofed-phone-numbers-and-caller-id-spoofing
Remember, Safety First:
With cyber threats evolving at an alarming pace, it's crucial to stay vigilant and keep your devices updated. Update your Chrome browser as soon as possible, and don't hesitate to educate yourself and others about security best practices.
TL;DR- Google Chrome has issued an emergency update to address two critical vulnerabilities: CVE-2025-5419 and CVE-2025-5068.- CVE-2025-5419 is actively being exploited and needs immediate attention.- Update Chrome to version 137.0.7151.68 or later to protect yourself.- Be cautious about smartphone scams and follow the FBI's guidelines for handling suspicious calls.
Chrome's emergency update is a response to the active exploitation of the CVE-2025-5419 vulnerability, a dangerous memory flaw in V8, which allows malicious actors to execute arbitrary code on victim systems [1]. Technology advancements have made it crucial to keep up with software updates, as demonstrated by this situation. In light of the emergency update, Chrome vs Edge, Chrome vs Safari debates may become more relevant, as users prioritize security and functionality.
