Google has released an urgent security update for the Chrome browser to address a high-severity zero-day vulnerability that is currently being exploited in the wild.
This emergency patch is part of the latest Stable channel update, bringing the version to 143.0.7499.109/.110 for Windows and Mac, and 143.0.7499.109 for Linux users.
The tech giant confirmed in its advisory that it “is aware that an exploit for 466192044 exists in the wild,” signaling that threat actors are actively leveraging this flaw to compromise unpatched systems.
Consequently, the update will roll out over the coming days, but administrators and users are urged to update immediately to mitigate the risk of targeted attacks.
Chrome 0-Day Vulnerability
The critical vulnerability, tracked internally as Issue 466192044, has been rated High severity. Unlike typical disclosures, Google has kept specific technical details about the bug, such as the affected component or the attack vector, under strict restrictions. The advisory currently lists the issue status as “Under coordination.”
This restricted disclosure policy is standard practice for zero-day events. By withholding specific information until a majority of the user base has applied the fix, Google aims to prevent other malicious actors from reverse-engineering the patch and developing their own exploits.
The company stated that access to bug details would remain restricted if the bug exists in a third-party library that other projects depend on but haven’t yet fixed.
In addition to the zero-day patch, this update resolves two other security flaws, both rated as Medium severity. These issues were identified by external security researchers who worked with Google during the development cycle.
The first, assigned CVE-2025-14372, is a “Use-after-free” vulnerability located in the Chrome Password Manager. This type of flaw can often lead to memory corruption or arbitrary code execution.
The second issue, CVE-2025-14373, involves an “Inappropriate implementation” within the Chrome Toolbar. Both researchers received a $2,000 bounty for their reports.
Vulnerability Details Table
| Issue ID / CVE | Severity | Component | Description |
|---|---|---|---|
| 466192044 | High | Undisclosed | Zero-Day: Under coordination (Exploit detected in the wild) |
| CVE-2025-14372 | Medium | Password Manager | Use after free vulnerability |
| CVE-2025-14373 | Medium | Toolbar | Inappropriate implementation |
To apply the update manually, users should navigate to the Chrome menu, select Help, and click on About Google Chrome. The browser will check for available updates and require a relaunch to complete installation.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
