Google has released a new stable Chrome update that addresses a serious flaw in its V8 JavaScript engine.
The update, now available as version 142.0.7444.162/.163 for Windows, 142.0.7444.162 for Mac, and 142.0.7444.162 for Linux, will roll out to users over the coming days and weeks.
| CVE ID | Severity | Affected Component | Description |
|---|---|---|---|
| CVE-2025-13042 | High | V8 JavaScript Engine | Inappropriate implementation in the V8 engine that could potentially allow an attacker to exploit memory handling and cause unexpected behavior or crashes. |
The V8 JavaScript engine is a critical component of the Chrome browser that powers JavaScript execution for web applications.
When vulnerabilities occur in V8, they can allow attackers to trigger crashes, bypass security protections, or even run arbitrary code in certain conditions.
Because V8 processes large amounts of complex, user-supplied code, even minor logic errors can have significant consequences.
In this latest release, Google has fixed one high-severity vulnerability, identified as CVE-2025-13042, described as an “inappropriate implementation in V8.”
The issue was reported by an external researcher using the handle 303f06e3 on November 3, 2025.
While the technical details of the bug have not been publicly shared, Google has restricted access to the report until a majority of users have received the updated version.
This careful approach prevents attackers from reverse-engineering the fix before users are protected.
Google acknowledged and thanked the contributor for responsibly reporting the vulnerability. As part of its security policy, the company typically rewards researchers who report valid bugs through its Chrome Vulnerability Reward Program.
The specific reward amount for CVE-2025-13042 has not yet been announced.
The Chrome team emphasized that many security issues are found through automated testing and fuzzing tools, including AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, and AFL.
These systems are designed to identify memory errors, undefined behavior, and other programming flaws before attackers can exploit them in the wild.
For users, Chrome’s automatic update feature ensures that devices receive security patches without manual intervention.
Still, experts recommend restarting the browser regularly to ensure updates are applied promptly.
Users can verify their Chrome version by navigating to Settings → Help → About Google Chrome, which triggers an update check if a new version is available.
This release continues Google’s ongoing effort to strengthen Chrome’s security posture and protect billions of users worldwide.
Developers and security analysts who want to review the complete list of changes can view the official build log on Chromium’s code repository.
Those interested in getting early access to upcoming versions can switch to Chrome’s Beta or Dev channels by following the instructions on the Chromium website.
Follow us on Google News, LinkedIn, and X to Get Instant Updates and Set GBH as a Preferred Source in Google.